WordPress.org

Forums

.htaccess file growing in size! (5 posts)

  1. asimj
    Member
    Posted 2 years ago #

    Hi,

    I recently noticed that the .htacess file of my WP installation has been steadily growing in size. It looks like a cron job has been inserting the same directives repeatedly. I used cPanel to check cron jobs but none exist.

    The following code is inserted at regular intervals throughout the day:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteRule ^(hello-test-uk)\/(.*)$ /hello-test-uk?ref=$2 [QSA,L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    Any help would be much appreciated.

    Regards,
    Asim

  2. Pothi
    Member
    Posted 2 years ago #

    Hi Asim,

    It looks like your site may have been hacked.

    As a first step, consider changing the permission of that htaccess file to 644 (if it is not set in this way already) and contact your host about what the permissions should be for their hosting environment. If they say something similar to 666 or 777, please consider switching the host.

    Hope this helps.

    Pothi

  3. asimj
    Member
    Posted 2 years ago #

    Hi Pothi,

    The server has a firewall and the site is scanned for malware regularly using the Securi service. The .htaccess file has always had 644 permissions and no other files have been affected.

    I did install the Bulletproof Security plugin and then removed it as I thought it was responsible for the issue. I believe it may be some WP process that is updating .htaccess but don't know how to identify it.

  4. Pothi
    Member
    Posted 2 years ago #

    Asim,

    Okay. If you think some WP process is updating the htaccess file, please set the permission (of htaccess file) to 444 to make sure, no process (or any one from outside) could update it.

    This is only a quick fix (if it works). If you are using any outdated plugin, you might want to look for alternatives. Also please check if the theme has the latest version as well.

    don't know how to identify it

    I don't know how to get to the root cause of this, either.

    You may use one of the several security related plugins available to find out the issue.

    Pothi

  5. asimj
    Member
    Posted 2 years ago #

    Thanks Pothi, I'll try some of the security plugins and see what happens.

Topic Closed

This topic has been closed to new replies.

About this Topic