WordPress.org

Ready to get started?Download WordPress

Forums

.htaccess file hacked (3 posts)

  1. debbiejames
    Member
    Posted 1 year ago #

    This file was hacked and redirecting users to another site.

    I have a .htaccess file in /wp-content, also /wp-content/plugins, along with one in the main directory.

    Besides the main directory, are these others supposed to be there? How do I get rid of this?

  2. bcworkz
    Member
    Posted 1 year ago #

    WordPress only needs the .htaccess in the main directory to function properly. There could be legitimate reasons for having them elsewhere. If you are the sole admin for the site and you didn't put them there, move and rename them to a safe place for possible analysis. In addition, there are probably entries in the main one that do not belong. Ideally, it should be restored from a clean backup.

    The big issue is how did it happen and how can you stop from happening again? There can be backdoors and malicious code anywhere on your site now. Start a response with FAQ My site was hacked.

  3. The Hack Repair Guy
    Member
    Posted 1 year ago #

    The .htaccess in your main directory is the only one required, and should look something like this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    Since your site was hacked it's likely hacker has hidden some back door scripts as well, which may allow them to re-hack your site again in future.

    So you'll need to first be sure and update every script within your site, WP version, plugins, etc., then work through the process of reviewing every file for hacker code.

    This site may be helpful in tracking down the code snippets or files hacked as well:
    http://www.unmaskparasites.com/

Topic Closed

This topic has been closed to new replies.

About this Topic