Comments on: Bogus Antivirus 2009 .htaccess Exploit.

By: Denis

Denis — Sun, 11 Apr 2010 09:00:17 +0000

Apperantly, read-only permissions won't work since in most cases this sort of hacks are done using stolen FTP credentials. You need to scan your computer for malware and then change all site password. And don't save your new passwords in FTP clients. If possible, switch to SFTP from FTP.

By: kevin dock

kevin dock — Wed, 07 Apr 2010 21:54:38 +0000

This has been driving me mad the last couple of weeks. My site has a .htaccess file that is continually modified with the redirects. I tried creating a blank version AND chmod thye file to READ ONLY access but this did not work. I have now changed the passwords to the site. Is this problem coming from my local machine and being passed to the web server or is the problem at the web server/hosting end ?

By: Denis

Denis — Sat, 02 Jan 2010 07:22:49 +0000

http://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol

By: Wordpress/Website Security Exploits | Shoultes.net

Wordpress/Website Security Exploits | Shoultes.net — Sat, 02 Jan 2010 03:32:34 +0000

[...] http://blog.unmaskparasites.com/2008/12/05/bogus-antivirus-2009-htaccess-exploit/ [...]

By: webeveron

webeveron — Thu, 31 Dec 2009 12:18:11 +0000

what is SFTP ? plz let me know

By: Antivirus

Antivirus — Fri, 16 Oct 2009 15:30:27 +0000

This article is very helpful. How much protection do the 755 and 644 permissions provide? Will they singlehandedly protect my website from hackers, trojans, and viruses? If so, why has no one told me about them sooner? I like that I can use google to search for my website and see if it has been infected with a trojan, by whether or not the search engine allows access to it. I am glad that the number one search engine in the country is so trustworthy.

By: vincent

vincent — Wed, 29 Jul 2009 14:02:18 +0000

I do have a windows 2003 server that received an .htaccess files once or twice a week, because all the file a read-only, nothing happens except the paste of the .htaccess file. If read-only is not activated on files, some js a write into the file.

By: iHenshin

iHenshin — Wed, 18 Feb 2009 06:53:17 +0000

Wow this really helped me! Thanks. I’m a Webmaster but not that expert.

Thanks a million.

By: Denis

Denis — Thu, 12 Feb 2009 10:04:10 +0000

Could you find out how they managed to updload those files to yor site?

By: Help

Help — Wed, 11 Feb 2009 23:35:16 +0000

rename(“htt”,”.htaccess”);
unlink(“m.php”);
echo “OK”;