My IPV4 redirects to an unknown website, what should I do now?

Posted September 12, 2020 455 views
DigitalOceanDigitalOcean Cloud Firewalls

As already obvious from the title, as soon as I copy the IPV4 of my droplet and paste it in the search bar of the chrome browser, it gets redirected to an unknown website. What should I do now?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hi there @nishant290195nkr,

I could suggest a couple of things:

  • First check your webserver configuration and make sure that there are no suspicious redirects. This would depend on the webserver that you are using:

    • For Apache you need to check the Vhosts at /etc/apache2/sites-enabled directory
    • For Nginx you need to check the Server blocks at /etc/nginx/sites-enabled directory
  • Check the IP addresses that have last accessed your server, you can do that with the following command:

  • last
  • If you noticed any successful login attempts form suspicious IP addresses, I would recommend restoring a backup of your Droplet from a date when this was working as expected

  • If you are using a CMS like WordPress, I would recommend running a quick scan to try and identify any malicious files. You could use a plugin like Wordfence to do the scan.