[Plugin: W3 Total Cache] .htaccess – hacked?

  • Resolved runerunerune

    (@runerunerune)


    15 years, 3 months ago

    I’ve been using W3 total cache on a couple of sites for a while now. Tonight I wanted to clear the page cache and got the error message that I had to chmod the .htaccess file to 777. I looked at the .htaccess file (on both sites, two different servers) and this is what I found:

    # BEGIN W3TC Browser Cache
    <IfModule mod_deflate.c>
    <IfModule mod_setenvif.c>
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
    </IfModule>
    <IfModule mod_headers.c>
    Header append Vary User-Agent env=!dont-vary
    </IfModule>
    AddOutputFilterByType DEFLATE text/css application/x-javascript text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon
    </IfModule>
    <FilesMatch “\.(css|js)$”>
    FileETag None
    <IfModule mod_headers.c>
    Header set X-Powered-By “W3 Total Cache/0.9.1.3”
    </IfModule>
    </FilesMatch>
    <FilesMatch “\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$”>
    FileETag None
    <IfModule mod_headers.c>
    Header set X-Powered-By “W3 Total Cache/0.9.1.3”
    </IfModule>
    </FilesMatch>
    <FilesMatch “\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|swf|tar|tif|tiff|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$”>
    FileETag None
    <IfModule mod_headers.c>
    Header set X-Powered-By “W3 Total Cache/0.9.1.3”
    </IfModule>
    </FilesMatch>
    # END W3TC Browser Cache

    # BEGIN W3TC Page Cache
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_USER_AGENT} (2\.0\ mmp|240×320|alcatel|amoi|asus|au\-mic|audiovox|avantgo|benq|bird|blackberry|blazer|cdm|cellphone|danger|ddipocket|docomo|dopod|elaine/3\.0|ericsson|eudoraweb|fly|haier|hiptop|hp\.ipaq|htc|huawei|i\-mobile|iemobile|j\-phone|kddi|konka|kwc|kyocera/wx310k|lenovo|lg|lg/u990|lge\ vx|midp|midp\-2\.0|mmef20|mmp|mobilephone|mot\-v|motorola|netfront|newgen|newt|nintendo\ ds|nintendo\ wii|nitro|nokia|novarra|o2|openweb|opera\ mobi|opera\.mobi|palm|panasonic|pantech|pdxgw|pg|philips|phone|playstation\ portable|portalmmm|ppc|proxinet|psp|pt|qtek|sagem|samsung|sanyo|sch|sec|sendo|sgh|sharp|sharp\-tq\-gx10|small|smartphone|softbank|sonyericsson|sph|symbian|symbian\ os|symbianos|toshiba|treo|ts21i\-10|up\.browser|up\.link|uts|vertu|vodafone|wap|willcome|windows\ ce|windows\.ce|winwap|xda|zte) [NC]
    RewriteRule .* – [E=W3TC_UA:_low]
    RewriteCond %{HTTP_USER_AGENT} (acer\ s100|android|archos5|blackberry9500|blackberry9530|blackberry9550|cupcake|docomo\ ht\-03a|dream|htc\ hero|htc\ magic|htc_dream|htc_magic|incognito|ipad|iphone|ipod|lg\-gw620|liquid\ build|maemo|mot\-mb200|mot\-mb300|nexus\ one|opera\ mini|samsung\-s8000|series60.*webkit|series60/5\.0|sonyericssone10|sonyericssonu20|sonyericssonx10|t\-mobile\ mytouch\ 3g|t\-mobile\ opal|tattoo|webmate|webos) [NC]
    RewriteRule .* – [E=W3TC_UA:_high]
    RewriteCond %{HTTPS} =on
    RewriteRule .* – [E=W3TC_SSL:_ssl]
    RewriteCond %{SERVER_PORT} =443
    RewriteRule .* – [E=W3TC_SSL:_ssl]
    RewriteCond %{HTTP:Accept-Encoding} gzip
    RewriteRule .* – [E=W3TC_ENC:.gzip]
    RewriteCond %{REQUEST_METHOD} !=POST
    RewriteCond %{QUERY_STRING} =””
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{REQUEST_URI} !(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php) [NC,OR]
    RewriteCond %{REQUEST_URI} (wp-comments-popup\.php|wp-links-opml\.php|wp-locations\.php) [NC]
    RewriteCond %{HTTP_COOKIE} !(comment_author|wp-postpass|wordpress_\[a-f0-9\]\+|wordpress_logged_in) [NC]
    RewriteCond “/home/vhosting/m/vhost0015076/domains/xxxxxxxxxx.com/htdocs/www/wp-content/w3tc/pgcache/$1/_index%{ENV:W3TC_UA}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}” -f
    RewriteRule (.*) “/wp-content/w3tc/pgcache/$1/_index%{ENV:W3TC_UA}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}” [L]
    </IfModule>
    # END W3TC Page Cache

    Now, I’m not a programmer nor a professional, but I can’t help but think this looks weird. I deactivated w3 and deleted it on both sites and now the .htaccess files are back to ‘normal’.

    What’s happened here, is this the way it should look?????

    Hope to hear from you.

    Rune

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter runerunerune

    (@runerunerune)

    15 years, 3 months ago

    I guess what I took for spam or worse (the list of mobile phones etc.) is meant to be there for mobile platforms…you learn a little everyday 🙂

    teenunited

    (@teenunited)

    15 years, 3 months ago

    hello
    I am getting this problem as well. when i remove these words as i am a developer but plug in give error that htaccess is not configured or some thing.

    please tell me are these sponsorship ads from W3 Total Cache or there is some other plug causing the problem to website htaccess. but this sure that W3 Total Cache ask to put this code in htaccess.

    Can i remove them?

    RewriteCond %{HTTP_USER_AGENT} (2\.0\ mmp|240×320|alcatel|amoi|asus|au\-mic|audiovox|avantgo|benq|bird|blackberry|blazer|cdm|cellphone|danger|ddipocket|docomo|dopod|elaine/3\.0|ericsson|eudoraweb|fly|haier|hiptop|hp\.ipaq|htc|huawei|i\-mobile|iemobile|j\-phone|kddi|konka|kwc|kyocera/wx310k|lenovo|lg|lg/u990|lge\ vx|midp|midp\-2\.0|mmef20|mmp|mobilephone|mot\-v|motorola|netfront|newgen|newt|nintendo\ ds|nintendo\ wii|nitro|nokia|novarra|o2|openweb|opera\ mobi|opera\.mobi|palm|panasonic|pantech|pdxgw|pg|philips|phone|playstation\ portable|portalmmm|ppc|proxinet|psp|pt|qtek|sagem|samsung|sanyo|sch|sec|sendo|sgh|sharp|sharp\-tq\-gx10|small|smartphone|softbank|sonyericsson|sph|symbian|symbian\ os|symbianos|toshiba|treo|ts21i\-10|up\.browser|up\.link|uts|vertu|vodafone|wap|willcome|windows\ ce|windows\.ce|winwap|xda|zte) [NC]
    RewriteRule .* – [E=W3TC_UA:_low]
    RewriteCond %{HTTP_USER_AGENT} (acer\ s100|android|archos5|blackberry9500|blackberry9530|blackberry9550|cupcake|docomo\ ht\-03a|dream|htc\ hero|htc\ magic|htc_dream|htc_magic|incognito|ipad|iphone|ipod|lg\-gw620|liquid\ build|maemo|mot\-mb200|mot\-mb300|nexus\ one|opera\ mini|samsung\-s8000|series60.*webkit|series60/5\.0|sonyericssone10|sonyericssonu20|sonyericssonx10|t\-mobile\ mytouch\ 3g|t\-mobile\ opal|tattoo|webmate|webos) [NC]

    Pascal Dreissen

    (@pdreissen)

    15 years, 1 month ago

    This is absolutely normal behavior of W3TC, this depends on the agents you are using under the User Agent tab, so you can have several independent caches for your agent groups. So nothing to worry about. If you don’t want them in remove them from the specific tab and they will be removed from the .htaccess file… so no worries!

    shanepetty

    (@shanepetty)

    15 years ago

    Thanks for the post and replies. I had the same response when looking at my .htaccess file.

    On the W3TC, take a look at the installation instructions, as it directs you to change the permissions:

    Locate and activate the plugin on the “Plugins” page. Page caching will automatically be running in basic mode. Set the permissions of wp-content and wp-content/uploads back to 755, e.g.: # chmod 755 /var/www/vhosts/domain.com/httpdocs/wp-content/.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘[Plugin: W3 Total Cache] .htaccess – hacked?’ is closed to new replies.