Title: htaccess file problem Last modified: August 20, 2016 --- # htaccess file problem * [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/) * My website [http://www.insuranceclaimhelp.org](http://www.insuranceclaimhelp.org) has been having different kinds of problems such as 404 page not found, 403 Forbidden, posts and replies not showing in side bar pages, pages not available within the site, etc over the last 5 weeks. In the beginning Godaddy and I found that restoring the .htaccess file to earlier 324 byte file solved the problems. But now the htaccess files get overwritten from some unknown source within an hour or minutes of restoring. I have changed the passwords several times and only me an Godaddy has access to the password. Is there a WordPress setting to stop WordPress from overwriting the files, if it is WordPress that is doing it? Viewing 13 replies - 1 through 13 (of 13 total) * [MickeyRoush](https://wordpress.org/support/users/mickeyroush/) * (@mickeyroush) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2285999) * > Is there a WordPress setting to stop WordPress from overwriting the files, * You make sure the .htaccess file is only Readable by all, giving it permissions of 444. But nothing will be able to write to it, which means if you updated your WordPress Permalink structure you would have to change the file permissions back. * There is something else going on and this is not really an overall solution. * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286027) * Thanks Mickey, is there a place in WordPress Dash panel where I set the permissions of .htaccess? Or does that have to be written into the source code with an editor like Dreamweaver? * I need a WordPress professional ASAP to figure what is going wrong with my site, and I will pay. Any recommendations? * [fonglh](https://wordpress.org/support/users/fonglh/) * (@fonglh) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286049) * > Thanks Mickey, is there a place in WordPress Dash panel where I set the permissions > of .htaccess? Or does that have to be written into the source code with an > editor like Dreamweaver? * Neither, but you can change it with whatever file management tool Godaddy provides. * > I need a WordPress professional ASAP to figure what is going wrong with my > site, and I will pay. * Post on [http://jobs.wordpress.net/](http://jobs.wordpress.net/) * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286057) * Thanks so much. You know I have spent hours on the phone with Godaddy reps and none of them told me this. Amazing! * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286225) * Mickey, I reset the .htaccess file permissions using the Godaddy Hosting control panel to read only and unchecked the write box, but the file got overwritten again??? * I understand WordPress has to update the database on the server as new posts and replies are made, but does WordPress edit or write to other files on the server? * Does WordPress automatically edit and upload .htaccess files? * If not, then that would mean that someone at Godaddy is changing the .htaccess file, since I am the only one with the password? * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286227) * Would it be possible to attach a copy of this altered .htaccess file to this post? Or would I just copy paste it here? * [nonname](https://wordpress.org/support/users/bipies/) * (@bipies) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286228) * if htacces was modiffied once it will be modified again, ask godady to scan your account for suspicious files, it sounds like a php trojan is inside your account 🙂 * [MickeyRoush](https://wordpress.org/support/users/mickeyroush/) * (@mickeyroush) * [14 years, 7 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286231) * > Would it be possible to attach a copy of this altered .htaccess file to this > post? Or would I just copy paste it here? * Forum dictates that you would be better helped if you use the following to display your file contents: [http://pastebin.com/](http://pastebin.com/) * And paste the link to it here in this thread. * Please replace anything in the file that could reveal your server path, IP address, any information that is specific to your site, etc. * > Mickey, I reset the .htaccess file permissions using the Godaddy Hosting control > panel to read only and unchecked the write box, but the file got overwritten > again??? * I’m not familiar with the GoDaddy control panel. Does this make it read only for everyone? Are the file permissions 444 for the .htaccess file? WordPress nor anyone else should be able to write to the .htaccess if file permissions are set to 444, unless someone is going right behind you and changing them to be writable again. Just because only you and GoDaddy have your access credentials, does not rule out that something else could be going on, especially if you’re on a shared server and some has gained access to it all. * But, it could also be something little, that is just being overlooked. * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 6 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286275) * Bipies, regarding “php trojan inside account”: * 9-1-11 1:02 pm – I discovered there was no traffic from search engines to ich. org around 1:00 pm. (I was averaging 700 visits a day before this). Although the ich website came up for “direct” traffic, when it was accessed by clicking on a google and yahoo search results, an error page came up entitled “403 Forbidden”. That error description said the server (Godaddy server) was denying redirection. I called Godaddy 1:02 pm and talked to “Phil” in the SSL department. We discovered the older 324 bite htaccess file had been changed again on 8-31-11 11:30 pm, and to a 4.74 KB file. He also said Godaddy did an automatic virus scan with Norton on the web server when that error page came up and found a virus file called “Trojan.maljava” and he deleted it. He said it was a “trojan mouse script.” I then uploaded the original htaccess 324 bite file at around 2:00 pm. The google search results navigation to ich then worked ok. * He then sold me Godaddy antivirus “Site Scanner” tool which he said may solve these security problems. * 1. The htaccess file still continues to get overwritten within an hour of uploading the original via ftp, or using Godaddy Restore feature. And even though the Godaddy write permissions box is unchecked for Owner and User. * 2. Is the Site Scanner supposed to scan for Trojan viruses like the Godaddy scanner does? * Thread Starter [jetskiron](https://wordpress.org/support/users/jetskiron/) * (@jetskiron) * [14 years, 6 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286276) * Mickey, * Godaddy does not have 3 digit numbers for file permissions, only two check boxes to write for “Owner” and “User”. I unchecked the owner one, the other one was already unchecked. * [nonname](https://wordpress.org/support/users/bipies/) * (@bipies) * [14 years, 6 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286288) * so, no way, it a thing (till I know) to check file per file :(, or, if its the same that one I faced with, you can download all your files and search inside them something like: * “ RewriteRule ^(.*)$ [http://aviable-update.ru/corcas/index.php](http://aviable-update.ru/corcas/index.php)[ R=301,L] * Thanks so much to all 🙂 * [MickeyRoush](https://wordpress.org/support/users/mickeyroush/) * (@mickeyroush) * [14 years, 6 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286310) * @ jetskiron * Yep, it looks like your site is/has being hacked. * I’m not sure if anyone has mentioned these links to you yet. * [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/) * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779) [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/) [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/) * If you’re going to try and clean it up yourself, you need to check out those links. This sort of looks like a timthumb hack/attack. So you probably have more malicious scripts throughout your directories. I could be wrong though. Wish I could help more. 🙁 Viewing 13 replies - 1 through 13 (of 13 total) The topic ‘htaccess file problem’ is closed to new replies. ## Tags * [.htaccess problems](https://wordpress.org/support/topic-tag/htaccess-problems/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 13 replies * 4 participants * Last reply from: [MickeyRoush](https://wordpress.org/support/users/mickeyroush/) * Last activity: [14 years, 6 months ago](https://wordpress.org/support/topic/htaccess-file-problem-3/#post-2286310) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics