Website Redirecting, Htaccess Hack?
Ranked #3,739 in Computers & Electronics, #68,542 overall
Does your Webste Redirect Straight to Another Site?
Then you probably have the .htaccess hack. Here is some brief information on how it works, how to fix it and how you can protect yourself in the future.
Information on the .htaccess Hack you Should Know About
A fairly common hack doing the rounds at the moment is the .htaccess hack.
This is an easy hack for any would be hacker to run as it relies on either a website with poor protection or the use of the ftp password. They normally obtain this from a Trojan virus on your system. A common way of obtaining this is you get a pop up saying you have a virus and pointing you to the Anti virus 2009 home page. This is a well know trojan and should not be downloaded.
One of the main characteristics of this type of hack is that when you go to your home page it redirects you to another website.
The .htaccess file is used by many websites to tell the web server how to handle files. For example if your .htaccess file contained "AddType application/x-httpd-php .html" then it tells the web server to interpret any php code in the website as php, whereas it would normally be treated as html.
The .htaccess hacker overwrites your file and inserts code which does an automatic redirect to a website of their choice.
If you don't have a .htaccess file, then chances are the hacker will create one for you!
To identify if you have this hack is really easy. Open the .htaccess file and see if it compares to the backup copy you have.
They normally insert several pages of blank lines at the top of the .htaccess file so when you look at it there appears to be nothing there. Scroll down and you will normally find several lines of code to a website you will not recognise.
Fixing it is easy as well, just delete the one on your website and replace it with the one from your backup. Make sure you change the permissions on the file so it is not world writeable.
Things you can do to protect your self against this are
Ensure none of your files are world writeable.
Check your website on a regular basis.
Change your ftp password on a regular basis.
If you can use your hosts control panel to change/upload files rather than ftp. Many hacking attempts are done by harvesting ftp passwords when you use ftp to login.
Ensure you are running decent Anti Virus software and it is updated.That way you don't end up with a Trojan virus which steals your passwords.
If you are interested in making money online, then Newblogger has plenty of information you get you started.
This is an easy hack for any would be hacker to run as it relies on either a website with poor protection or the use of the ftp password. They normally obtain this from a Trojan virus on your system. A common way of obtaining this is you get a pop up saying you have a virus and pointing you to the Anti virus 2009 home page. This is a well know trojan and should not be downloaded.
One of the main characteristics of this type of hack is that when you go to your home page it redirects you to another website.
The .htaccess file is used by many websites to tell the web server how to handle files. For example if your .htaccess file contained "AddType application/x-httpd-php .html" then it tells the web server to interpret any php code in the website as php, whereas it would normally be treated as html.
The .htaccess hacker overwrites your file and inserts code which does an automatic redirect to a website of their choice.
If you don't have a .htaccess file, then chances are the hacker will create one for you!
To identify if you have this hack is really easy. Open the .htaccess file and see if it compares to the backup copy you have.
They normally insert several pages of blank lines at the top of the .htaccess file so when you look at it there appears to be nothing there. Scroll down and you will normally find several lines of code to a website you will not recognise.
Fixing it is easy as well, just delete the one on your website and replace it with the one from your backup. Make sure you change the permissions on the file so it is not world writeable.
Things you can do to protect your self against this are
Ensure none of your files are world writeable.
Check your website on a regular basis.
Change your ftp password on a regular basis.
If you can use your hosts control panel to change/upload files rather than ftp. Many hacking attempts are done by harvesting ftp passwords when you use ftp to login.
Ensure you are running decent Anti Virus software and it is updated.That way you don't end up with a Trojan virus which steals your passwords.
If you are interested in making money online, then Newblogger has plenty of information you get you started.
Htaccess Further Information
Hacking Information
Security Resources
Computer security
by gdwebs
Hi this is the squidoo bio for the Draper family.
Guy Draper
Guy has worked in IT for around 20 years now. Originally starting when punch cards where...
more »
- 4 featured lenses
- Winner of 4 trophies!
- Top lens » Website Redirecting, Htaccess Hack?
Feeling creative?
Create a Lens!
