Latest Announcemnent
New thread

Help in Configuring .htacess

Status
Not open for further replies.
T

toRRfriend

Active Member
1,559
2010
309
50
hi guys,
my old unused site is hacked :(, hacker accessed the root i think so(he changed the index page), also panel is directadmin.
but i not used the .htaccess , this may be the reason for hacking

That's old story.....
Now my site in another host, with cpanel. :)

How to configure .htaccess file(in cpanel), where to put .htaccess file and how to write permissions.....

please tell me in brief, i not even touched/used that file....:(

Thanks :sun:
 
8 comments
In cpanel not whm there are options to password protect folders and setting up keys for ssh but nothing for .htaccess files. How did they hack your site? Might have been a hack to the server and they went through the hosts panel to hack your site.
 
In cpanel not whm there are options to password protect folders and setting up keys for ssh but nothing for .htaccess files. How did they hack your site? Might have been a hack to the server and they went through the hosts panel to hack your site.
Click to expand...
So that the problem with host.....?
(so how to know my host is secure......?)

hey upload your htaccess file through ftp.
Click to expand...
ok..but what i want to write in .htaccess file, i not used or tried and i need to put in all folders...?
 
torrfriend said:
So that the problem with host.....?
(so how to know my host is secure......?)


ok..but what i want to write in .htaccess file, i not used or tried and i need to put in all folders...?
Click to expand...


There are many different ways a hacker could of got in apart from it being your hosts fault.

.htaccess will affect every sub-directory after the directory you actually place it in. If you want your whole site to be affected by it then you would put it in your root web directory such as public_html or www in cPanel.
 
What did the hacker do exactly? Did he just embed code into your html? What CMS are you running if any. Did any of your directories/files need to be chmod'd?
 
Well to set up the .htaccess follow this. You don't actually need to create a .htaccess in cPanel because there is already one created. When you click File Manager in cPanel be sure to check Show Hidden Files on the pop-up that shows up. Now in the File Manager there is the .htaccess.

Edit it simply via the cPanel itself or download and re-upload via FTP once you are done editing.

To secure via .htaccess you can simply restrict access to a particular directory like admin folder, for example in Wordpress we have wp-admin folder. You can also deny any particular IP if you find suspicious via the .htaccess itself.

Examples for the same are below :

Code: 
order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all

Preventing access to files like .htaccess

Code: 
<Files .htaccess>
order allow,deny
deny from all
</Files>

Here are more examples on how to secure website via .htaccess

Code: 
http://www.javascriptkit.com/howto/htaccess6.shtml
 
Status
Not open for further replies.
Back
Top