Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Was hacked tonight.. .htaccess questions
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
blarneystone
Client



Joined: Sep 18, 2004
Posts: 62
PostPosted: Mon May 23, 2005 8:35 pm Reply with quote
Hi all,

The brazillians hacked my site tonight. I've popped it back up, but I am wary of the .htaccess file because when I upload it, it disappears from my ftp client view. What am I doing wrong?

Before dropping it into my site, I edited these two lines in it:

Code:
allow from all


Deny from 200


I've also banned 200.*.*.* using nuke sentinal.

I am not sure, but I think the logs were deleted. I had an exhausting day, so maybe I just can't find them. Sad
 
View user's profile Send private message Visit poster's website
CurtisH
Life Cycles Becoming CPU Cycles



Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI
PostPosted: Mon May 23, 2005 8:42 pm Reply with quote
Make sure you have your ftp client set to vew hidden files. .htaccess is hidden by default.

_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe 
View user's profile Send private message Visit poster's website Yahoo Messenger
blarneystone
PostPosted: Tue May 24, 2005 7:22 pm Reply with quote
thanks! worked. So do I have the .htaccess set right?
 
CurtisH
PostPosted: Tue May 24, 2005 8:49 pm Reply with quote
That I am not quite sure about. Mine looks like this:

Code:
RewriteEngine on 


#The next lines check for Email Spammers Robots and redirect them to a fake page 


#Check for Santy Worms and redirect them to a fake page 


RewriteCond %{HTTP_USER_AGENT} ^LWP                   [NC,OR] 


RewriteCond %{REQUEST_URI} ^visualcoders              [NC,OR] 


RewriteCond %{QUERY_STRING} rush=([^&]+)              [NC,OR] 


RewriteCond %{REQUEST_URI} ^envidiosos                [NC,OR] 


RewriteCond %{REQUEST_URI} ^civa                      [NC,OR] 


#variant-6 redirect all inner http:// request 


RewriteCond %{QUERY_STRING} ^(.*)http://(.*)            [NC,OR] 


#variant-7 redirect all inner http request regardless if encoded 


RewriteCond %{QUERY_STRING} ^(.*)http%3A%2F%2F(.*)      [NC] 


RewriteRule ^.*$ http://127.0.0.1 [R,L]


PHP_FLAG output_buffering on





deny from 4.43.114.8


deny from 69.166.185.116


deny from 66.196.90.56


deny from 4.43.114.8


deny from 128.208.6.141


deny from 64.246.165.170


deny from 68.103.60.86


deny from 198.54.202.82


deny from 10.64.10.152


deny from 63.238.163


deny from 64.246.165.150


deny from 64.246.165.160


deny from 69.148.96.231


deny from 63.242.77.34


deny from 64.246.165.190


All of the deny from were added by Sentinel

As for blocking the Brazilians... Quite a few people suggest that using Sentinel you ban the entire country using the Import Data -> Import to blocked ranges
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©