Forums

WordPress › Support » Installation

hacked... trouble with .htaccess (3 posts)

  1. cobrawine
    Member
    Posted 3 years ago #

    This is my first time posting in this forum. I have read through all of the other .htaccess forum threads to find an answer but am not able to, my apologies to any veterans that are tired of base questions.

    My blog got hacked. I spoke with the host company I use for all my sites and the tech said that the .htaccess files were altered to automatically run a script that was placed in the same directory by the hacker, which was (random 5 digit number).php. I was told this was a phishing scam and they actually disabled my site because of this.
    I erased all of the offending .htaccess files which were placed in the 'root' directory, 'wp-content', 'uploads' and even individual image directories within 'uploads'.

    Now I am reading there is a default .htaccess file that should be there but I don't know what that should contain, and it isn't in the WordPress download files that were used to create the site initially.
    Next, none of my images are showing and all of the permalinks lead to 404, including clicking on image names and 'comments'.

    the site is
    blog.austindodson.com

    I realize that it's all .htaccess related. I am also pretty certain my permissions are set correctly.

    If someone can direct me to another thread that answers the question, thank you. If there is not a preexisting answer I would appreciate any help, thanks.

  2. whooami
    Member
    Posted 3 years ago #

    just create a file named this: htaccess.txt
    put it on your own pc's desktop.. or somewhere else you can find it

    use your ftp client, and upload it to your site to the root of your blog (where your wp-config.php is)

    if you run into problems uploading it because its a 0-byte file, open it, using notepad, locally (before you upload it, and put this:

    ##

    inside it.

    Save it, and upload it.

    Once its on your server, you will need to rename it to .htaccess

    that dot is intentional.

    Most, if not all, ftp clients provide a way to rename files on your server.

    After youve done that, go into your wp-admin area and regenerate your old permalinks.

    WP will either write the needed code to your newly created and uploaded .htaccess or it will tell you what to put inside it.

    If you end up chmod'ing your .htaccess to 666 so that WP can write to it, be sure to chmod it back to something more sane (644), after youre done with the permalink thing.

    Not doing that before probably aided and abetted whatever hack you suffered.

  3. cobrawine
    Member
    Posted 3 years ago #

    Thank you whooami,
    I will give this a try!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags