dtkwt62022
dtkwt62022
2016-11-25 11:13

关于.htaccess文件的Wordpress攻击

已采纳

I get an Internal server error when I try to access my site. Server is actually working fine, I have access like usual in the ftp mode. For some reason I am being attacked, likely an XSS attack, that affects my .htaccess file making it look like that: lots of ##:

enter image description here

which results to a gigantic length of that line, making the server rendering it as a length overflow and not dipsplaying the site. When I try to modify that file, it has changed the permissions, so i first need to change them and then modify it. After I have deleted all the "#" site works fine. After some time, the same thing happens.

I have the latest wordpress installation, and have also installed wordfence. How can I stop this?

EDIT: Server admin says it hasn't to do with the server, because there are other wordpress sites with no problem.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

2条回答

  • doue1925 doue1925 5年前

    After changing the FTP password, there are no more unwanted file edits, thus no more overflow server issues.

    点赞 评论 复制链接分享
  • dongzan2740 dongzan2740 5年前

    There are two possibilities

    1) You/Some Plugin creator have created some bad PHP files in your WordPress installation which are writing to your .htaccess (maybe creating an endless loop) - this would probably be custom scripts as most Plugins in the WordPress repository have been tested

    2) Most likely your WordPress installation and/or server have been compromised/hacked. Your server admin definitly should take your request seriously.

    Steps to perform in case of hacked WordPress:

    1) Make a backup

    2) remove all files from the server and your database

    3) change all passwords (WordPress, FTP, Provider-Login, database etc. etc.)

    4) Make a fresh installation of WordPress

    5) Check your database sql for any malicious code before putting the database backup in again

    6) Check your WP-Content Folder for any malicious code before you put it on the server again

    In many cases some PHP file is corrupted by an attacker which may write to .htaccess

    点赞 评论 复制链接分享

相关推荐