Announcement

Collapse
No announcement yet.

Spurious .htaccess files!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spurious .htaccess files!

    Hi, I've been getting suspicious .htaccess files and .webconfig files appearing in my domain roots. The .htaccess file contains a list of search engine redirects and then two Russian web site address's. When I delete them they reappear after a while. Anyone, got the same happening? Has this got anything to do with Plesk security I wonder?

  • #2
    Re: Spurious .htaccess files!

    Originally posted by Phatman View Post
    Hi, I've been getting suspicious .htaccess files and .webconfig files appearing in my domain roots. The .htaccess file contains a list of search engine redirects and then two Russian web site address's. When I delete them they reappear after a while. Anyone, got the same happening? Has this got anything to do with Plesk security I wonder?
    Hi

    Can you please help me by providing a ticket number where you have provided the domain effected ? We would need to see security settings and file permissions. File upload can only happen if FTP is hacked or if your IUSER has wrong permissions or you have a vulnerability in code. I can help much better if I see an example of this file. Kindly open a ticket and provide me the ticket number to assist you further.

    Thanks,
    Ray

    Comment


    • #3
      Re: Spurious .htaccess files!

      Hi, ok, I'll open a ticket. The .htaccess files appear on all my domains even those not using any dynamic content. FTP passwords have been changed.

      Here's what the file contains:

      Options -Indexes
      RewriteEngine On
      RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*baidu.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*youtube.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*wikipedia.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*qq.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*excite.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*netscape.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*hotbot.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*goto.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*mamma.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*alltheweb.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*lycos.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*search.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*metacrawler.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*dogpile.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*facebook.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*twitter.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*blog.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*myspace.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*linkedin.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*infoseek.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR]
      RewriteCond %{HTTP_REFERER} .*ya.*$ [NC]

      < code/links removed > -Rock

      I'm going to create my own blank .htaccess file and make it un-writable.
      Last edited by Rock; 08-04-2013, 13:53. Reason: links removed

      Comment


      • #4
        Re: Spurious .htaccess files!

        Hello,

        We have addressed the issue in the ticket which you have created. If in case the problem still persists would request you to revert back on the ticket.

        Regards,
        Solomon
        EUK-SolomonS
        Rise & Shine

        Comment

        Working...
        X