I have a simple WordPress website and it seems to be hacked. I used some plugins to scan it and they say my htaccess file is infected. Now I could use some help cleaning it up - specifically, to understand:
What to look for to clean up? I.e. what does an "infection" in htaccess look like?
How can I prevent unauthorized access to the file in the future?
The htaccess in question is:
http://pastebin.com/TcWiQvNP
Here's the default WordPress htaccess:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Also, for permissions, set chmod to 644.
First, you need a basic understanding of the mod_rewrite configuration structure to understand what your current file does and be able to edit it correctly.
Now, the broadly defined redirects to some absolute URLs do look suspicious. But I don't know if the URLs correspond to your site or some other.
In general, you need to identify which directives are "alien" - i.e. do not correspond to the apps you're running at the server.
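An auditing sketch for the advice above, added here as an example (it is not code from the original posts): it flags every directive that is not part of the stock WordPress block, marks redirects whose absolute URL points at a host you have not listed as your own, and checks that the file mode is no wider than 644. The function names, the `own_hosts` parameter and the sample hosts are assumptions made for illustration.

```python
import re
import stat
from urllib.parse import urlparse

# The stock WordPress directives from the block above; anything else is "alien".
WP_DEFAULT = (
    "RewriteEngine On",
    "RewriteBase /",
    r"RewriteRule ^index\.php$ - [L]",
    "RewriteCond %{REQUEST_FILENAME} !-f",
    "RewriteCond %{REQUEST_FILENAME} !-d",
    "RewriteRule . /index.php [L]",
)
CONTAINER = re.compile(r"^</?IfModule\b", re.I)
REDIRECT = re.compile(r"^(RewriteRule|Redirect\w*|ErrorDocument)\s", re.I)
URL = re.compile(r"https?://[^\s\"'\]]+", re.I)

def audit_htaccess(text, own_hosts):
    """Return (line_no, reason, directive) for each directive to review by hand."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = " ".join(raw.split())  # normalise whitespace before comparing
        if not line or line.startswith("#") or CONTAINER.match(line):
            continue
        if line in WP_DEFAULT:
            continue
        reason = "not in default WordPress block"
        if REDIRECT.match(line):
            for url in URL.findall(line):
                host = (urlparse(url).hostname or "").lower()
                if host not in own_hosts:
                    reason = "redirect to external host " + host
        findings.append((no, reason, line))
    return findings

def mode_ok(st_mode):
    """True when the permission bits are no wider than 644."""
    return (stat.S_IMODE(st_mode) & ~0o644) == 0

# Constructed sample: the default block plus two extra rules (placeholder hosts).
SAMPLE = "\n".join(("<IfModule mod_rewrite.c>",) + WP_DEFAULT + ("</IfModule>",
    "RewriteRule ^(.*)$ http://unknown-host.example/landing [R=302,L]",
    "RewriteRule ^old-page$ http://www.example.org/new-page [R=301,L]"))

if __name__ == "__main__":
    for finding in audit_htaccess(SAMPLE, {"www.example.org"}):
        print(finding)
```

For a real file, pass its contents as `text` and `os.stat(path).st_mode` to `mode_ok`; every finding still needs a manual decision, since plugins legitimately add their own directives.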
Related
I've been searching for similar examples but I was not able to find the answer for WordPress.
In Google Analytics I can see various string types for the same URLs coming in. I looked at the htaccess file and deactivated the cache system but it's still occurring. Not sure why yet.
Now in htaccess I would like to redirect all those URLs to the correct one:
Example:
// CORRECT: ...domain.com/everest-nepal/
// INCORRECT 1: ...domain.com/everest-nepal/?/
// INCORRECT 2: ...domain.com/everest-nepal/?/=
// CORRECT 3: ...domain.com/everest-nepal/?amp (this is amp related and not interested in redirecting it to the canonical url)
Is there a possible rewrite condition that could be applied in htaccess to redirect all these URLs coming with this strange /?* at the end, while avoiding the amp one?
Thanks and regards
Enric
Once you update permalinks in the WordPress admin you will get .htaccess code like the one below. You need to create a .htaccess file in your root folder and paste the code below; this should work.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I am setting up a very simple cache for my own WordPress plugin... I have been researching this here on StackOverflow and elsewhere for a couple of days. Found some great answers that were very close (looking for image files, etc), but none for this specific scenario - and modifying other solutions is not working.
I've got everything working except the rewrite rules to do the following:
Incoming request for either http / https
domain.com/page-slug/ OR domain.com/year/month/page-slug/
Need htaccess to first check the cache folder for
domain.com/wp-content/cache/myfolder/page-slug.html
(please note the incoming request can be for "/page-slug/" OR "/page-slug" and the cache file name has the ".html" extension to make it "page-slug.html")
If the cache file does not exist, then just
...go through the usual WordPress index.php process
Also -- what if there is no slug/page name in the url?
ie: the home page ... can htaccess direct
domain.com to domain.com/wp-content/cache/myfolder/index.html
and if the cached index.html does not exist, go to the WP index.php
Is there a way to do the above cache checks purely with the .htaccess rules? Any guidance would be greatly appreciated.
( I hope my explanation above was clear -- I get confused myself! LOL )
UPDATE:
I found a good answer in "htaccess rewrite if file not exists in cache folder" by anubhava and tried to modify it as follows. I think it is close, but it's not quite working:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
# Admin area
RewriteRule ^admin(.*) admin$1 [L]
# Check if file *.* exists in the cache folder
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}/cache/ebg/$1 -f [NC]
RewriteRule ^(.+?)/?$ /cache/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
If the above solutions don't work, please contact your web host provider. Most likely you don't have Mod_Rewrite activated on your webhost package.
I've been digging through all sorts of tutorials on this and messing with a bunch of multisite/htaccess stuff. Let me give you my scenario and see if someone can tell me what in the world to do to make it work.
I have a wordpress site in a folder
/mudmin6
That site is mudministry.org
I have another wordpress site (totally separate) in a subfolder of that site
/mudmin6/userspice
That site is userspice.com
Ideally I would like to be able to access this site by typing either of these two things...
mudministry.org/userspice
or
userspice.com
So far, that works. However, I can't do something that's really important.
I can't type, say
userspice.com/forums and get to my forums. I get an internal server error. The only way to get to the forums is to go all the way back to mudministry.org/userspice/forums
Can someone tell me what needs to change in my .htaccess, wp-config, or WordPress dashboard to make this happen (and in what subfolder to make these changes)?
.htaccess for mudministry.org
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
<Files 403.shtml>
order allow,deny
allow from all
</Files>
.htaccess for userspice
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /userspice/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /userspice/index.php [L]
</IfModule>
# END WordPress
I know that there are a lot of people who will say why do I need to do this? I need to do it for a grant we have. The initial domain must be accessible by mudministry.org/userspice but it's also really annoying that I can't type userspice.com/anything and get to any of my pages.
Perhaps you can use the internal Proxy [P], I have not done this before, but let me know if this works.
You will want to put this into the root .htaccess
RewriteRule ^(userspice)/(.*)$ http://userspice.com/$2 [NC,P]
You may also want to use ProxyPassReverse to make sure any redirects are done as you expect. This may not work, depending on how you have relative and absolute URLs used in your application. But if you don't mind that when the user starts to browse around in the userspice directory they are switched over to the userspice.com domain, this could work.
What have you done since WordPress v3.0? All direct PHP files are not working in WP; all are returning 404 page not found. I have created one plugin, it's loading the /wp-content/plugins/myplugin/direct.php file, and what am I seeing now? It shows me my WP site with the title PAGE NOT FOUND 404. Help me please, I can't work with WP any more; all direct PHP files are not accessible and are tracked as 404.
What should I do to turn off that terrible 404 or get my PHP files loaded?
Check your .htaccess file; maybe all URLs are now mapped to the index.php file of WordPress.
Based on the provided rewrite rules, I would suggest using this instead:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*shop/images/(\d+)/?\??(.*)$ /wp-content/plugins/shopp/core/image.php?siid=$1&$2 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I'm not understanding the question. You're saying that you've created a plugin, and it's not calling in the files properly? (I'm assuming by "direct PHP file access" you mean you can't load a particular file that's within your plugin directory?)
Sounds like you're not using the correct paths. You should be using things like the WP_PLUGIN_URL constants that are set up for you via WordPress (http://codex.wordpress.org/Determining_Plugin_and_Content_Directories) - i.e. it doesn't sound like an .htaccess issue, it sounds like improper coding in the plugin.
Of course, without knowing what code you are using, it's difficult to say what the issue could be.
I have a really unusual problem I've never had before.
I have no .htaccess file on my server. I looked everywhere, there is just no file, but a WordPress plugin (AskApacheRewriteRules) tells me that the following rules are active:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Any idea why that could be? I've already written to my hosting provider, but their service isn't the best.
Even if I create an htaccess file with other rules and save it to the root of my server, it doesn't change anything. The plugin always tells me the same and I believe the plugin, because I'm having issues with the /index.php/ in my URL (that I don't want to have).
Any ideas?
On the AskApacheRewriteRules options page, did you make sure that using_index_permalinks is set to false and that using_mod_rewrite_permalinks is set to true? If this isn't the case, WordPress will attempt to use PATH_INFO for your permalinks, resulting in /index.php/(permalink_structure).
Note that the WordPress rewrite class stores its rewrite rules as a WordPress option in the database, which is where AskApacheRewriteRules gets its information. The plugin also apparently formats the rules with the mod_rewrite_rules function before echoing them to the page, which will surround them with:
<IfModule mod_rewrite.c>
...
</IfModule>
So, the likely reason you can't find the .htaccess file is because it doesn't exist; the rules are just present in the database. The reason why the rules are present in the database is because you're using permalinks, and this is the auto-generated WordPress ruleset, which is saved regardless of whether it's actually being used or not.
Edit: You must have a .htaccess file in the root of your web directory with the following contents:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
<IfModule !mod_rewrite.c>
# If mod_rewrite isn't available, we'll do this a hackish (and bad) way...
ErrorDocument 404 /index.php
</IfModule>
The rewrite_rules option is stored at SELECT option_value FROM wp_options WHERE option_name = 'rewrite_rules', but it gets regenerated every time you change the permalink, and isn't used except for writing to .htaccess from what I can tell.
Anyway, those are definitely the correct rules for what you want to do. Are you sure that mod_rewrite is enabled on your host?
Edit:
Let's make 100% sure that mod_rewrite is working correctly and go from there.
Create a .htaccess file in your web root with the following rules, exactly as written:
RewriteEngine On
RewriteRule ^rwtest http://stackoverflow.com/ [R,L]
Then go to your site with the URL example.com/rwtest and see if you get redirected to StackOverflow. If not, something is wrong with mod_rewrite. If you do, then at least we know that piece isn't the problem.
Have you checked if it's defined in your Apache configuration file? (It appears that the plugin is showing an excerpt from that.)