If you can post the malicious part of the code here, over the next few days it might help discover whether these attacks all seem to be related (if the code is identical).
Also, as more people post about similar attacks, if any one of them determines how the .htaccess got modified, it might help everyone who has been attacked. As far as how it was accessed, only the timestamp on the .htaccess combined with a review of your site access logs can determine that. Look in the logs (regular and FTP logs) for requests that were made a few seconds before the timestamp. On Nov 20, 3:26 pm, Jesse N <[EMAIL PROTECTED]> wrote: > Hey there, > > Some one get at me. I've got an untouched .htaccess hack that we can > review for how it was accessed and all of that jazz. > > I fixed the issue on one my main project, and decided to check one of my > side projects that are on the same host. Turns out they dropped an > .htaccess in there where I didn't have one yet. --~--~---------~--~----~------------~-------~--~----~ You received this message through the Google Groups "stopbadware" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/stopbadware?hl=en -~----------~----~----~----~------~----~------~--~---
