After years of not having a client get hacked, I got 2 in a few weeks. One client (client A) has a WordPress site which I developed the theme on. Another client (client B) was brand new, no WordPress. Client A’s site was redirecting to a porn site whenever a visitor went through a link from Google. Client B’s site was redirecting to a 404 page (a php file was not found). Both sites were fine when visiting the direct link.
I found malicious code in Client A’s .htaccess file redirecting anyone visiting from google, bing, or any of the major search engines. I found and removed the PHP files that were not supposed to be on the site.
Client B’s site was clean as a whistle. Nothing suspicious in the htaccess file and no mysterious php files. Needed to contact the host about this one.
In searching for more information on how the attackers may have gotten in, I came across this worrisome forum. Both clients are on GoDaddy so this is probably the issue they both had: