cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Possible Malware in htaccess File

GoDaddy is suggesting that my website has malware. They suggest I review htaccess file...

The file doesn't seem to have much in it... but I guess my website needs it... ? (I'm a layman, by the way).

What should I do? Should I delete all code that is currently in the file? My website has just several pages.

Here is the code currently in the file:

 

RewriteEngine on RewriteRule ^2693701498/(.)$ excitation-autographing.php [QSA,L] RewriteEngine on RewriteRule ^8460001373/(.)$ lucas-leia.php [QSA,L]

Not sure if that was placed there by whatever hacking bot attacked the website...

Thank you in advance!

Link to the website.

5 REPLIES 5
Super User II Super User II
Super User II

Re: Possible Malware in htaccess File

@majesticoj

 

Based on your site I don't see how either of the .php files referenced have anything to do with your site.  If you did not add those lines delete them.

 

Also, it would be wise to change any and all passwords (including FTP users) related to your website immediately.

 

HTH! Smiley Wink

Judith
"Do one thing every day that scares you." ~ Eleanor Roosevelt

file htaccess is read only


Thanks @majesticoj. I have the same file, but it's read only. I don't see how to change permission. Can you please advise?


Muse wrote:

@majesticoj

 

Based on your site I don't see how either of the .php files referenced have anything to do with your site.  If you did not add those lines delete them.

 

Super User II Super User II
Super User II

Re: file htaccess is read only

@majesticoj

 

What platform are you on?

 

You can change permissions in your file manager or FTP into your server -- I use Filezilla. Then right click on the .htaccess file and choose File Permissions.  Try to set it at 664 and see if that makes a difference for you.

 

HTH! Smiley Wink

Judith
"Do one thing every day that scares you." ~ Eleanor Roosevelt

Re: Possible Malware in htaccess File

Hi 

you can find an excellent information at this link: طراحی سایت

Employee
Employee

Re: Possible Malware in htaccess File

.htaccess is the settings file for Apache, it's normal for the file to exist.

 

But those lines are almost certainly put there maliciously. They'd be cleaned up be godaddy's website security product, but I'd remove it from your file, and make sure the php files it is pointing to don't exist in your hosting.