Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
That looks incorrect…
Can you save that .htaccess file to .htaccess-save, delete the original (keep the -save copy) and ask WordPress to create another one?
http://your-wordpress-url/wp-admin/options-permalink.php
Save the permalinks that will write a new .htaccess file and try again.
If something goes wrong, put the saved copy back.
I did all of this.
I now have a .htacess looking like:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I am being told that a anti virus pop is blocking my site from opening on certain pcs due the .htacess
Url: http://www.blitzbeats.com
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
hmmm…my friend said sometimes the malware message goes away when i change the .htaccess to this
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
</IfModule>
# END WordPress
But now my sidepages dont work…how can I fix this so the site will be secure and free from malware messages and still view my side pages?
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
how can I fix this so the site will be secure and free from malware messages and still view my side pages?
Sorry, but you’re hacked. It happens. This reply gets re-used a lot but it’s not a bad reply.
You’ve a lot of work and reading ahead of you.
Backup everything and put that somewhere safe off of your server. This is your safety net.
http://codex.wordpress.org/WordPress_Backups
http://codex.wordpress.org/Backing_Up_Your_Database
http://codex.wordpress.org/Restoring_Your_Database_From_Backup
Once that’s safely put away, give these a read.
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/
When possible, you’ll need to replace all of your files with good ones from the source. Once you’ve reached the Happy Place™ consider doing this.
http://codex.wordpress.org/Hardening_WordPress
It will make automated updates a manual thing (locking down the file system) but until your confident the site is secure that’s probably not a bad thing. When you’re convinced it’s all good, then you can relax the file system restrictions back to normal.
Good luck.
You really need to delouse that WordPress install. Modifying the .htaccess file doesn’t fix it and the other one is actually correct (for WordPress).
