Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other htaccess from a hacked site

  • This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #40825
    mattjt83
    Participant

    Hi I recently had to clean up a friends site which was hacked. The hack inserted code into every index.php page as well as every .js file. What was interesting though was the fact that they changed the sites main htaccess file to read:

    # -FrontPage-

    IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

    order deny,allow
    deny from all
    allow from all
    order deny,allow
    deny from all

    Just wondering if someone can shed some light on what this would accomplish? Thanks guys!

    #114476
    mattjt83
    Participant

    Edit sorry it stripped all the tags out….

    # -FrontPage-

    IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*

    order deny,allow
    deny from all
    allow from all
    order deny,allow
    deny from all
    #114510
    __
    Participant

    near as I can tell (and I’m not positive), that seems to be the standard junk that Microsoft FrontPage throws into a .htaccess file. Are you sure it was a result of the attack?

    #114567
    mattjt83
    Participant

    Yeah I thought it was strange as well. But yes it happened with the attack. All of the index.php files had code injected and the normal htaccess file was overwritten with the one I posted.

    #114594
    JohnMotylJr
    Participant

    Probably the Russians or Chinese, i have about 20-100 attempts into my server a day.

    https://www.countryipblocks.net/

    #114608
    chrisburton
    Participant

    @JohnMotylJr They could just use a proxy to bypass that.

Viewing 6 posts - 1 through 6 (of 6 total)
  • The forum ‘Other’ is closed to new topics and replies.