Back-end not working possibly due to .htaccess file.

I’m wondering if a plugin might be rewriting your htaccess file…

Maybe you should disable any plugins you don’t need, change that htaccess once again, then check it after a time. If it is rewritten again then disable another plugin until you discover the problem… or run out of plugins to disable.

I can’t think of any other way this might happen.

@jnashhawkins thanks for the suggestion. I disabled all my plugins, yet the htaccess file was still updated automatically.

Does anyone else have any suggestions i can try?

I had a similar problem recently which is “ERROR 403 – FORBIDDEN”,
I couldn’t access to the admin panel (back-end)
to fix the problem:
1- Go to cPanel
2- open file manager
3- go to the wp-admin directory
4- open .htaccess file
You may found something similar to this script:

<FilesMatch “.*\.(phtml|php|PhP|php5|suspected)$”>
Order Allow,Deny
Deny from all
</FilesMatch>

change Deny from all
to
Allow from all

I have the same issue ??

@aseelban your solution works but after two day the file .htacess is rewrite.
Did you found the solution ?

• This reply was modified 3 years, 11 months ago by evanfox35.

@evanfox35 I had this problem and I’m fighting it now. My site was hacked and some evil code manipulated my .htaccess files automatic.

Thaks for your reply @joran98 .

What action have you done to fight it?

Hello, @joran98 for your reply.

My website has also been hacked and My problem is that in every folder I have a .htaccess file. Now I am facing another problem.My site is password protected even though I didn’t set a password.

Can you please share if you manage to resolve your problem and if so, please share the solution?

Thanks

Hi, I have the same issue, somebody have found the solution?

maybe you check this web site
911 – WordPress files hacked

Ok, So here is a temporary solution which I did and worked:
1. Remove unnecessary code from index.php
2. delete <FilesMatch>… </FilesMatch> part of code from .htaccess which might be available in wp-admin, wp-content and wp-includes folders as well.

Temporary since it’s a malware likely to affect your index.php file which is overwriting the .htaccess file by adding <FilesMatch>… </FilesMatch> part of code.

Regards,
Omkar N Hatalkar

Ok so tit for tat , this is done by a malware or virus on your website which creates .htaccess file in every subdirectory of public_html , to deal with it I have prepared a script for hotfix

Create a file in home directory of user (/home/exampleuser) with any name such as fix_malware.sh and copy and paste the below content

#/bin/bash

#This script delets all htaccess files which contain FileMatch keyword

echo "Starting Script"

find ./public_html -name ".htaccess" | while read line ;
        do
                grep -q "FilesMatch" $line
                if [ $? == 0 ]; then
                rm $line
                else
                echo not found
                fi
        done

after pasting the content make sure to give executable permission to the script file, with command chmod u+x ./fix_malware.sh and atlast run the script by calling ./fix_malware.sh .

After the script will finish executing you may see your websites working again, but some of them must be misbehaving because of missing htaccess file , sadly you need to find correct htaccess file and paste at the project desired location .

Note I ran the above commands from home directory (/home/exampleuser) , dont forget to change paths if you are running from any other location.

Hope this helps
Happy Coding

here is what i did:-

• login to your c-panel
• rename your plugin folder
• go to the root folder
• find about-us.php file( “The path will be public_html/aboutus.php”)

NOTE:- You can download a fresh copy of wordpress to your localhost and see the files .

• you have to edit index.php file -> you will find two line code in php like <? $somename = “bdhbfsbfjbfkvfsdbfldsbflbfrlibblfgds86f5sd7fs78d6f8s7dgfsdyf86sfids”;?> at the top of index.php
• look for aboutus.php or about.php or about-us.php in your public_html
• delete the file
• go the renamed plugin file remove all deactivated plugins
• check for the last updated file for all your plugins
• look for any anusal code the best way is to download the zip of the plugin and match the files and scripts

you will stop facing the error and the .htaccess wont be rewritten again
All the best
Happy coding

• This reply was modified 3 years, 3 months ago by saurabhwpts.

After executing the bash script we get this error. Any idea?

Starting Script
./fix_malware.sh: line 2: $’\r’: command not found
./fix_malware.sh: line 11: syntax error near unexpected token `done’
./fix_malware.sh: line 11: ` done’

Thanks

Hi Everyone! I face that problem but good news, I found the way.
First of all, go to Cpanel

1. Go to file manager
2. Go to public_html folder
3. first change folder name wp-content to any just like wp-content-off
4. Now change the htacess code

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
 
 <IfModule mime_module>
 AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>

5. Wait for few minutes, If .htacess file again change then means virus isn’t in this folder
6. Now change wp-includes folder name like before, In my case i got virus in wp-content folder
7. Now again change .htacess file and wait.
8. Inshallah, Now you see .htacess not change! so delete the wp-includes folder and download fresh WordPress from www.ads-software.com and upload only the wp-includes folder.
9. Now change the wp-content-off to again with orignal name (wp-content)
10. Now you need to clean your server ASAP, so install any plugin that has good rating and clean your site.
11. To save your site in the future, Connect your site with cloudflare. Bcz cloudflare give Ddos at free of cost.

• This reply was modified 3 years, 2 months ago by abdulhanan.
• This reply was modified 3 years, 2 months ago by abdulhanan.

I have many files .htaccess with this code>

The code will begin here:

<FilesMatch ".(py|exe|php)$">
 Order allow,deny
 Deny from all
</FilesMatch>
<FilesMatch "^(about.php|radio.php|index.php|content.php|lock360.php)$">
 Order allow,deny
 Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

The code ended here.

And my client site is infected with seo spam, with more than 18.000 links redirecting