, LLC. WordPress Redirect  Hack

Find & fix malicious 301 redirects to in WordPress.

I picked up a strange issue on my WordPress site today while reviewing stats in Google Search Console. I noticed a malicious 301 redirect happening for an old post, one that had no redirect rules set. Specifically the post had a 301 redirect set to send traffic to, which is definitely a malicious site. I’m still tracking down how this happened, as it seems to have only affected a single post on the site. I’ll follow-up here with more details when I have them.


One of my older posts has a malicious 301 redirect sending traffic to, which is definitely a malicious site.


I tracked the malicious 301 redirect down to the Yoast SEO plugin for WordPress. The following SQL query allowed me to solve it.

1. Backup Your Database

We’re doing to remove these directly from the WordPress MySQL database, so make sure you backup your database just in case any bloopers occur. You should always do this when working with SQL on a database.

2. Find Malicious Results

I recommend that you first check for malicious Yoast SEO redirects with the following query, which will only list matches (not delete).

SELECT * FROM `wp_postmeta` WHERE `meta_key` LIKE '%_yoast_wpseo_redirect%' AND `meta_value` LIKE ''

3. Delete Them

If the list of results provided by the test above are all items you want to delete then the following command will remove them all for you.

DELETE FROM `wp_postmeta` WHERE `meta_key` LIKE '%_yoast_wpseo_redirect%' AND `meta_value` LIKE ''

What is

If you landed here searching for information in general then you probably are experiencing some sort of issue related to them. is a malicious site that seems to be attempting to manipulate search rankings by hacking into secured systems in order to place spam links leading back to their website. If you have links on your website then it’s likely that they gained access through a social media related backdoor, which based on my research seems to be the approach or tactic they generally use to do this.

If you have any other related hack information to share please do mention it in the comments below for other visitors that are having trouble with them also.

Meet the Author

Kevin Leary, WordPress Consultant

I'm a freelance web developer and WordPress consultant in Boston, MA with 16 years of experience building websites and applications. View a portfolio of my work or request an estimate for your next project.