Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
blarneystone
Client


Joined: Sep 18, 2004
Posts: 62

PostPosted: Mon May 23, 2005 8:35 pm Reply with quote

Hi all,

The brazillians hacked my site tonight. I've popped it back up, but I am wary of the .htaccess file because when I upload it, it disappears from my ftp client view. What am I doing wrong?

Before dropping it into my site, I edited these two lines in it:

Code:
allow from all

Deny from 200


I've also banned 200.*.*.* using nuke sentinal.

I am not sure, but I think the logs were deleted. I had an exhausting day, so maybe I just can't find them. Sad
 
View user's profile Send private message Visit poster's website
CurtisH
Life Cycles Becoming CPU Cycles


Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI

PostPosted: Mon May 23, 2005 8:42 pm Reply with quote

Make sure you have your ftp client set to vew hidden files. .htaccess is hidden by default.

_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe 
View user's profile Send private message Visit poster's website Yahoo Messenger
blarneystone
PostPosted: Tue May 24, 2005 7:22 pm Reply with quote

thanks! worked. So do I have the .htaccess set right?
 
CurtisH
PostPosted: Tue May 24, 2005 8:49 pm Reply with quote

That I am not quite sure about. Mine looks like this:

Code:
RewriteEngine on 

#The next lines check for Email Spammers Robots and redirect them to a fake page
#Check for Santy Worms and redirect them to a fake page
RewriteCond %{HTTP_USER_AGENT} ^LWP                   [NC,OR]
RewriteCond %{REQUEST_URI} ^visualcoders              [NC,OR]
RewriteCond %{QUERY_STRING} rush=([^&]+)              [NC,OR]
RewriteCond %{REQUEST_URI} ^envidiosos                [NC,OR]
RewriteCond %{REQUEST_URI} ^civa                      [NC,OR]
#variant-6 redirect all inner http:// request
RewriteCond %{QUERY_STRING} ^(.*)http://(.*)            [NC,OR]
#variant-7 redirect all inner http request regardless if encoded
RewriteCond %{QUERY_STRING} ^(.*)http%3A%2F%2F(.*)      [NC]
RewriteRule ^.*$ http://127.0.0.1 [R,L]
PHP_FLAG output_buffering on

deny from 4.43.114.8
deny from 69.166.185.116
deny from 66.196.90.56
deny from 4.43.114.8
deny from 128.208.6.141
deny from 64.246.165.170
deny from 68.103.60.86
deny from 198.54.202.82
deny from 10.64.10.152
deny from 63.238.163
deny from 64.246.165.150
deny from 64.246.165.160
deny from 69.148.96.231
deny from 63.242.77.34
deny from 64.246.165.190


All of the deny from were added by Sentinel

As for blocking the Brazilians... Quite a few people suggest that using Sentinel you ban the entire country using the Import Data -> Import to blocked ranges
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©