I’m having a terrible time with someone maliciously creating .htaccess files on my linux (RH-FC4) box.
Somehow the person is finding all off the 777 folders and adding a .htaccess file which redirects visitors to their intended destination.
They’ve somehow put over a hundred of these all throughout my server. I’ve got about 60 domains on this box which is why there are so many.
I’ve tightened up a number of the directories but does anyone have suggestions on how I can keep this from happening in the future?
Thanks
I would say first step would be to update your OS! FC4 is five and a half years old! I’m sure there’s been security holes fixed since then, and he’s probably using one of those holes to do this.
Most definitely I can see that upgrading your OS will increasing the security.
My server/site was hacked and after I upgraded my OS, I no longer saw any hacking so I would recommended that first.
Ran into this problem as well on a clients server running Ubuntu 10.4. Here are the actions that I took:
So far, problem has not resurfaced.
Thank you everyone! I’ll see what I can do to take all of these steps. I’m only planning on having this particular machine for about 2 more months as I migrate to a new server.
Thanks!