slobizman
Member
Posted 1 year ago #
I found this code in my htaccess file and don't know what it does, so I pulled it out. Can anyone tell me what it does?
(My domain name (mydomain.com) was not being indexed in Google (used to be), but many internal pages are. Could this code have done something?
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName www. [spam link removed] .com
AuthUserFile /home/xxxxxxxm/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/xxxxxxxm/public_html/_vti_pvt/service.grp
The first line is telling the automatic index which Apache shows when there's no default file to ignore a whole bunch of files. (So essentially it's hiding stuff.)
The limit bits look like they are attempts to prevent various uploads. Whether the syntax is valid I couldn't say 100% without checking.
The authname bit is the basis for setting up apache based authentication, with a an authname section that looks fairly spamish. However, there doesn't seem to be any code that actually applies this authentication.
All in all, I'd say if you didn't put this stuff there, your server is probably compromised. Read http://codex.wordpress.org/FAQ_My_site_was_hacked and the related links.
slobizman
Member
Posted 1 year ago #
