.htaccess files compromised

  • I added this to all my sites and made all the changes to the backend to prevent comments, logins and file changes but within a week I have gotten file change notifications that each of them have gotten files changed at the htaccess file level which is just the whole point I was trying to avoid.

    My logins are getting 100’s or blocks a day and files are being changed without my authorisation, these trojan horse assaults are what security should be mitigating, not just telling me it happened but prevent it.

Viewing 3 replies - 1 through 3 (of 3 total)

  • @thompsonprint

    Did you add the iTSec plugin AFTER being hacked ?
    Often people (i’m not saying you did) install a security plugin when it is too late …

    Also note some of the iTSec plugin features write changes to the .htaccess file.

    Thread Starter thompsonprint

    (@thompsonprint)

    No, I added the IthemeSec at creation of the site, first thing on a fresh install.

    I have gotten these types of notices, a few weeks after the site being live. Does iThemeSec add files or changes remotely? Is this them or hackers?

    File Modified File Hash
    .htaccess Tuesday December 27th, 2016 at 9:44 am UTC 857402bf7ca0801cd223ac75c0df74c4

    @thompsonprint

    Does iThemeSec add files or changes remotely? Is this them or hackers?

    No, the iTSec plugin does not add or change files on its own.
    I have too little info to say whether this is a hack issue.

    Have you run a Sucuri Malware Scan ?

    Are there any unexplained/malicious entries added to the .htaccess file ?

    Are there any other plugins installed that write changes to the .htaccess file ?

    What other files are being changed ? WordPress Core files ?
    If so what changes are made in those files ?

    A good assessment can only be made with more info provided ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘.htaccess files compromised’ is closed to new replies.