Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9

To: Lista Debian User <debian-user@lists.debian.org>
Subject: Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
From: Dr Beco <rcb@beco.cc>
Date: Wed, 22 Aug 2012 19:15:51 -0300
Message-id: <[🔎] CALuYw2yDehk99ygBD+anf+FbJ+WT2J2MJ6KMpMQ=nqOpHdqAAQ@mail.gmail.com>
In-reply-to: <[🔎] CALuYw2xm0Z0EBijgExpJyH0npkLxAJ11eb4idYAtoXvUW6m4oA@mail.gmail.com>
References: <[🔎] CALuYw2xm0Z0EBijgExpJyH0npkLxAJ11eb4idYAtoXvUW6m4oA@mail.gmail.com>

Henrique de Moraes Holschuh, Wed, 22 Aug 2012 16:41:59 -0300:
>
> If you have root access, try to use chattr to mark that file as
> immutable (chattr +i).
>
> But really, if they keep changing your .htaccess, it means they have
> compromised the box, and will remain compromising it until you clean the
> box (probably rebuild from scratch) AND close the security holes.


Dear Henrique,

For this system I don't have root access. It is managed abroad by a
"host farm". I already wrote to them to report the (second) problem.

I hope they find the main problem now, instead of just giving another
quick fix.

Also, I cannot ask them to reinstall the system from scratch, as the
same server hosts more websites.


Thanks!

Beco







-- 
Dr. Beco
A.I. research, Cognitive Scientist and Philosopher
Linux Counter #201942

Reply to:

Follow-Ups:
- Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
  - From: Dr Beco <rcb@beco.cc>

Prev by Date: Dual-Monitor help
Next by Date: Re: Dual-Monitor help
Previous by thread: Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
Next by thread: Re: Hacked .htaccess redirect to htttp://reltime2012.ru/frunleh?9
Index(es):
- Date
- Thread