Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9

To: Lista Debian User <debian-user@lists.debian.org>
Subject: Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Wed, 22 Aug 2012 16:41:59 -0300
Message-id: <[🔎] 20120822194159.GA29189@khazad-dum.debian.net>
In-reply-to: <[🔎] CALuYw2xm0Z0EBijgExpJyH0npkLxAJ11eb4idYAtoXvUW6m4oA@mail.gmail.com>
References: <[🔎] CALuYw2xm0Z0EBijgExpJyH0npkLxAJ11eb4idYAtoXvUW6m4oA@mail.gmail.com>

On Wed, 22 Aug 2012, Dr Beco wrote:
> Does anyone knows how to protect against unauthorized change of .htaccess?

If you have root access, try to use chattr to mark that file as
immutable (chattr +i).

But really, if they keep changing your .htaccess, it means they have
compromised the box, and will remain compromising it until you clean the
box (probably rebuild from scratch) AND close the security holes.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
  - From: Dr Beco <rcb@beco.cc>

Prev by Date: RE: Display Resolution (SOLVED)
Next by Date: Re: alsa-base breaks linux-sound-base
Previous by thread: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
Next by thread: Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
Index(es):
- Date
- Thread