One of my clients recently had their site hacked so that whenever someone tried to go to the main blog page, the page would show for just a moment and then it would get redirected to some auto-im advertising page.

Not good!

But it turns out that it wasn’t a difficult fix, here’s what we did:

  1. Go to wp-content –> themes –> your current theme
  2. Open index.php with your favourite editor
  3. At the bottom of the page you will find some awkward php script that starts with: <?php and ends with: ?> – delete it all
  4. Open header.php with your editor
  5. Look between the </head> and <body> tags and look for some java script that starts with: <script and ends with: /script> – delete it all.

That seems to have taken care of it!