Solution to 500 Internal Server Error .htaccess Hacked

  • Resolved thebiganswer

    (@thebiganswer)


    13 years, 7 months ago

    Problem
    You are suddenly experiencing a 500 Internal Server Error on your home page which prevents you from seeing any of your Web site content, and may even prevent you from accessing your WordPress admin console.

    Argh!!! What’s the answer? Has our Web hosting company gone bust? What on earth is going on? My Web site is completely broken!

    Cause
    It is possible/probable that your .htaccess is not properly configured – this could be due to A) an accidental typo B) badly written .htaccess file C) a malicious injection hack.

    Solution
    All is not lost! Assuming you’re the victim of C) please try the following:
    1) log into your site via FTP (Filezilla, etc.)
    2) download a copy of your .htaccess file, rename the copy e.g. “.htaccess-backup”
    3) delete the .htaccess file residing on your Web server
    4) create a new blank file called “.htaccess” on your PC/laptop/Mac
    5) upload this new file to your Web server in the same place as the original .htaccess (which you deleted).
    6) navigate to your WordPress admin URL, e.g. https://www.yoursite.com/wordpress/wp-admin, and you should now be able to log in!
    7) finally, once logged in, navigate to the Permalinks settings page in the admin console and do nothing further. Simply going to the settings page should enable WordPress to write the correct .htaccess declarations itself.

    You should now be able to nagivate to e.g. https://www.yoursite.com or https://www.yoursite.com/wordpress (depending on whether WordPress is running your entire site or just a blog etc.) and all should be well once more.

    Assumptions
    Please note I am assuming you are running a typical/standard WordPress setup with the .htaccess configuration which is bundled with a typical WordPress installation. However, this solution may also work equally well for non-standard setups.

    Lessons
    1) Protect your site from XSS (cross site scripting). WordPress has many safeguards in place, but you should be aware of and take extra precautions against malicious scripts sent in comments or otherwise.
    2) If you have a complex .htaccess file (i.e. non standard) it’s well worth keeping a working backup copy offline (which you probaly already do along with the daily/weekly DB and site backups) so you can revert to this in times of future hacking.
    3) If possible turn on Apache logging to make better sense of future server errors.

    Credits
    1) https://www.amenext.com/tutorials/how-to-fix-the-wordpress-internal-server-error/

    While this may not solve all 500 internal server errors relating to a WordPress site (or otherwise), it does appear to be a very common issue and highlights the importance of protecting your site against attacks.

    I hope this helps someone.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter thebiganswer

    (@thebiganswer)

    A few extra notes:

    1) You may find that skipping steps 4 and 5 (create new .htaccess, upload) works for you. This means NOT uploading a new .htaccess file to the server, and just letting WordPress create one.

    2) If your Web site is running on a shared hosting platform (i.e. alongside other Web sites which are not under your domain control), you may find that your site is repeatedly comprismised – in spite of your best efforts.

    Do you have any advice on what might be randomly modifying my .htaccess file? I get an internal server error about once a week – one week it was happening every day. I found out that an ‘s’ or sometimes an ‘ss’ is being added at the end of the file, after it says, “END WORDPRESS”.

    Looking online, people have been getting a similar issue for years. And it almost always seems to be ‘s’ ‘ss’ or ‘ess’ being added. Many people wrote it off as hacks and changed their file permissions to 644. However, my permissions have been at 644 this entire time. Seeing as the file is supposed to end with ‘WORDPRESS’ I have a theory that something is mutant and is adding an extra ‘s’ or 2 ‘ss’ or ‘ess’ when the file gets rewritten.

    How am I supposed to determine what is rewriting it and why it is screwing up so often?

    Thanks for any insight.

    -Tracy
    (www.gogo-gringo.com) Version WP: 3.3.1

    Thousand Thnx, this has really saved the day! Good Job, Respect

    I have had this with a couple of sites, mostly sorted by getting rid of the ‘ss’ from the .htaccess file.

    I have a site at the moment though that is going down weekly with this problem and the client is getting very annoyed. Some times its ‘s’ some times ‘ss’ sometimes ‘ess’ and today ‘ress’ I think by the end of the week I might have the whole ‘WordPress’?

    A fix for this is much needed.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Solution to 500 Internal Server Error .htaccess Hacked’ is closed to new replies.