Written by James McDonald

May 26, 2010

Recently discovered an old Joomla website that had been hacked by a remote exploit which changed the contents of .htaccess and redirected the connecting clients away to malicious sites.

I don’t know how they managed it but I thought that if .htaccess wasn’t writeable by the webserver process then the hack would have failed to modify .htaccess and therefore the problem would be reduced.

So to find your .htaccess files:

# run this from the highest directory possible so you find all your web .htaccess files
 find ./ -name .htaccess | xargs -I {} ls -al {}

To remove write access for user group and world:

 find ./ -name .htaccess | xargs -I {}  chmod  -w {}

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...