Customers sending suspicious links - where is protection for authors?

I am having issue with my customer. After thirty and more messages where I was helping him with his website and my theme, today he is sending me link of his website that had weird redirection and opens completely different address.
I refused to help him because I can’t do anything with that website, that is definitely not theme issue and also I have right to suspect he is trying to hack my computer or something like that.
I sent screenshots to support as evidence but I will post link to his website here: although he might be remove that redirect soon.
I can’t support this customer. Is there any protection for authors in this case or advice what to do when such link is sent to us by customer? Additionally, customer sent me email cursing me and will probably give me bad rating.

@KingDog @BenLeong

I removed the link because those redirects can go to some pretty bad websites. The redirection is coming from the very first line of the customer’s website, where a script with id globalsway is loading external an script with eval() that eventually redirects.

It seems your customer’s website has been hacked. I found similar campaigns which load the same script using known plugin vulnerabilities. Here’s one such case from a few weeks ago which looks identical:

You can send the customer this link and explain that it looks similar to their case, so they should update their plugins. However, it looks like this particular exploit grants database access, so your customer should consider their website fully compromised and figure things out with their web host from here.

Can’t advise on the ‘protection for authors’ part, you can always contact support if they leave an unfair review, but I was happy to investigate the website for you.

1 Like

Thank you! I will send this answer to customer.
Problem is customer insisted that my theme is broken and that it causes that redirect of their website.

1 Like

Yeah, that’s an unfortunate misconception on their part. Hopefully you can clear it up with them now, and hopefully they can get their website patched up.

I’d definitely remind them about the importance of keeping their plugins up-to-date, since there are bots that constantly crawl around the internet looking to find and automatically exploit known WordPress plugin vulnerabilities. Even the smallest websites are targeted. It’s a really unfortunate situation.

Cheers!