

Secure your .htaccess files

I recently discovered an old Joomla website that had been hacked by a remote exploit, which changed the contents of .htaccess and redirected connecting clients away to malicious sites.

I don’t know how they managed it, but I thought that if .htaccess wasn’t writeable by the webserver process, then the hack would have failed to modify .htaccess and therefore the problem would be reduced.

So to find your .htaccess files:

# Run this from the highest directory possible so you find all your web .htaccess files.
# -exec passes the file names straight to ls, so names containing spaces or quotes are handled.
 find . -type f -name .htaccess -exec ls -al {} +

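To remove write access for user, group and world:

# a-w names all three classes; a bare -w skips the bits set in your umask (usually group and world write)
 find . -type f -name .htaccess -exec chmod a-w {} +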
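
Clearing the write bit only holds if the web server account neither owns the file nor controls its directory: an owner can set the bit again, and anyone who can write to the directory can delete the file and create a new one. The audit script below is an added example, not part of the original post. It assumes GNU find and stat (Linux), takes the web server account name as an argument you supply, and does not evaluate group membership.

```shell
#!/bin/sh
# Added example: list every .htaccess under ROOT that the web server account
# could still change. Assumes GNU find/stat (Linux). WEBUSER (for example
# www-data or apache) is an assumption: pass the account your server runs as.

# Print one finding per line for FILE; prints nothing when FILE is locked down.
check_htaccess() {
    f=$1; webuser=$2
    dir=$(dirname "$f")
    mode=$(stat -c '%a' "$f");    owner=$(stat -c '%U' "$f")
    dmode=$(stat -c '%a' "$dir"); downer=$(stat -c '%U' "$dir")
    # 1. A write bit is still set on the file itself.
    if [ $(( 0$mode & 0222 )) -ne 0 ]; then
        echo "WRITABLE $f (mode $mode)"
    fi
    # 2. The web user owns the file, so it can chmod the write bit back.
    if [ "$owner" = "$webuser" ]; then
        echo "OWNED $f (owner $owner)"
    fi
    # 3. The web user controls the directory, so it can delete or rename the
    #    file and create a new one: it owns the directory, or the directory
    #    is world-writable without the sticky bit.
    if [ "$downer" = "$webuser" ] || [ $(( 0$dmode & 01002 )) -eq 2 ]; then
        echo "DIR $f (directory $dir, owner $downer, mode $dmode)"
    fi
}

# Audit a tree; returns 0 when nothing is reported, 1 otherwise.
audit_tree() {
    findings=$(find "$1" -type f -name .htaccess -print |
        while IFS= read -r f; do check_htaccess "$f" "$2"; done)
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Usage: sh audit_htaccess.sh /var/www www-data
if [ "$#" -eq 2 ]; then audit_tree "$1" "$2"; fi
```

An empty result with exit status 0 means no .htaccess in the tree is writable, owned by the given account, or sitting in a directory that account controls.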

Posted in IT Tips.

