• edwardsmark


    hello –

    it was recommended to me to use the following code to redirect all http requests to https:

    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,QSA,NC,L]
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$      https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    but the totally awesome quttera gives me this result:

    Severity:	enSuspiciousThreatType
    File:	  /.htaccess
    File signature:	803f2bbb0ad650e9d152685d8ac97492
    Threat signature:	2854e0d7455a62852d90a0b164a018c3
    Threat:	RewriteRule ^(.*)$ h
    Details:	Detected suspicious JavaScript redirection

    is there a better way i can redirect http requests to https?

    thank you very much.

Viewing 1 replies (of 1 total)
  • Plugin Author quttera


    Thank you for reporting this issue.

    We mark it as suspicious because there are multiple malware instances utilizing this technique to steal/redirect traffic from infected websites.

    Please whitelist this detection on your side.

    Next to the detection section, you will find a button “Whitelist file” or “Ignore Threat”.

    Please use it and plugin won’t claim anymore on this files.

Viewing 1 replies (of 1 total)
  • The topic ‘(dot)haccess false positive?’ is closed to new replies.