Topic: .htaccess file added to every folder | BulletProof Security Forum

.htaccess file added to every folder

This topic has 1 reply, 2 voices, and was last updated 9 months, 3 weeks ago by AITpro Admin.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
July 15, 2023 at 5:30 am #42995
Jim Byrne
Participant
Hi, Discovered one of my site has been hacked. A .htaccess file has been added to every folder. the file contains the following code:
```
<FilesMatch '.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|pHP7|PHP7|phP|PhP|php5|suspected)$'>
Order allow,deny
Deny from all
</FilesMatch>
```
I think other files have been compromised. It looks like the entire site needs to be cleared out and redone.

Have oyu had any reports of where this is coming form – or what plugin has been compromised as I have a lot of websites and it would be a huge disaster to have them hacked. Thanks, Jim
July 15, 2023 at 8:30 am #42997
AITpro Admin
Keymaster

Typically a website/hosting account has been hacked for months to years before a website owner becomes aware that the hosting account is hacked. Typically if one of your websites under a hosting account is hacked then you need to clean up your entire hosting account. Use the hosting account hack clean up steps here > https://forum.ait-pro.com/forums/topic/wordpress-hacked-wordpress-hack-cleanup-wordpress-hack-repair/
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.