.htaccess was hacked - after fixing users.php redirects to .ru site (3 posts)

  1. traceywashere
    Posted 3 years ago #

    I followed all the threads relating to .htaccess being hijacked -- cant' find any crazy wp-(random).php or the thumb hack. I've been searching, file by file, ran udpates, etc -- and at this point from the admin dashboard I'm getting a crazy redirect on the users.php file to globalscapesdoubleplatinum.ru . All other dashboard links work fine, just the all users link.

    I can't figure why! I've chekced all the actual php files, and have been digging thru the database with no luck so far.

    Anyone have any ideas. this is so totally irritating the living daylights out of me!

    FYI: All the links in a different post for 'scanning ur site' all show that it's clean.


  2. esmi
    Forum Moderator
    Posted 3 years ago #

    Have you spoken to your hosts about this. If hackers are accessing your .htaccess file, then they have access to your server - not just WordPress.

  3. traceywashere
    Posted 3 years ago #

    hmm .. this may be a firefox cache issue at this point (at least for the users.php) -- in spite of hard refresh.

    i asked the host if any processes were running, they said no. currently i have all the .htaccess files set to 604 permissions in hope that they don't get re-hijacked and changed to 444

    it's just driving me crazy trying to find where/how they got in. I found that my 'client' hadn't updated any of his sites after I set them up, so it could have been through an already fixed vulnerability (I've since updated all his wordpress sites)

Topic Closed

This topic has been closed to new replies.

About this Topic