Forums

WordPress › Support » How-To and Troubleshooting

Repeated .htaccess hacks (9 posts)

  1. dontbegauche
    Member
    Posted 11 months ago #

    Hello I hope someone can give me some help with this problem, I know multiple people are facing this issue, which seems to have surfaced last week (this string at least):

    My .htaccess files on my web server are being repeatedly injected with redirect code, to Russian malware sites. For instance, the first redirect was to "brend-store.ru". I quickly removed the redirect code from every .htaccess file, and that fixed the problem temporarily. However, about everyday (besides Saturday/Sunday- do hackers need rest too?!) the .htaccess files are injected again, and I have to repeat the same steps.

    At this point, I don't know if this is a FTP password stealing problem/trojan virus on my computer, or if there is some hack code in my websites' files that is allowing these attacks.

    Anyone have any help? I am becoming desperate.

    FYI: I am resetting my FTP passwords daily, running antivirus scans multiple times a day. This seems to be directly related to WordPress users, so I am guessing the hack is coming/came through WP somehow.

    Thanks for any help!

  2. esmi
    Theme Diva & Forum Moderator
    Posted 11 months ago #

    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

  3. songdogtech
    Member
    Posted 11 months ago #

    Who is the web host?

  4. dontbegauche
    Member
    Posted 11 months ago #

    JustHost.com

  5. songdogtech
    Member
    Posted 11 months ago #

    With some shared hosts, the hacks actually come from from other, insecure accounts at the host. Sometimes you have to change hosts.

  6. Tom
    Member
    Posted 11 months ago #

    That's the problem with shared hosts, especially bigger hosting companies like this which cram so many people/ sites onto the same server - all it takes is for one account to get hacked & you're all compromised.

    Find a decent host

  7. dontbegauche
    Member
    Posted 11 months ago #

    Any recommendations for a good host?

    I am still not sure the problem isn't in a hole in my site's files or a backdoor etc. I'm going through everything like a crazy person trying to find the problem. So far nothing.

  8. songdogtech
    Member
    Posted 11 months ago #

    http://codex.wordpress.org/Hosting_WordPress

  9. Tom
    Member
    Posted 11 months ago #

    Personally I've not tried any of the recommended WordPress hosts listed here.

    ...But I'm reluctant to make a personal recommendation as I'm not sure what the rules are here for advertising. And my link would probably be seen as an advert, since I own the business :)

    There's lots of web hosts out there, have a look at some comparison sites. Although take note: cheap usually doesn't mean 'decent'. Cheap usually means 'crammed full of lots of accounts/ sites'.

Reply

You must log in to post.

About this Topic

Tags