Wednesday, December 12, 2018

How To Fix Attacked .htaccess File On Godaddy Shared Hosting

Got a call from a client about website not coming up. If you searched for the site in a search engine and clicked on any link to the site you got a page about a missing PHP file.  This site is a static HTML site.

I opened the .htaccess file and saw redirects to the PHP file that didn’t exist. I cleared out the .htaccess file and when you click on the search link the site came up fine.

I contacted Godaddy looking for help, but they don’t deal with .htaccess files. You are on your own. They do offer SiteLock to protect the site.

I used the following links advice and to change the name of the .htaccess file and the contents of the file rewrite the name back to all lower case.

https://perishablepress.com/improve-site-security-by-protecting-htaccess-files/

My final .htaccess file containted the following

<Files ~"^.*\.([Hh][Tt][Aa])">
order allow,deny 
deny from all 
satisfy all 
</Files>

In addition, i changed the password for the FTP access. Next step is to use Sucuri. I know they can protect this site.

I hope this helps me and helps someone else out there…

 

0 Comments

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>