leninkster
PARKED
User Power
Value/Post Ratio
0% - New User
- Mar 28, 2022
- 1
- 0
I know this is late, but check your website for the following:
.htaccess files in EVERY folder under the HTML root. They probably have something like:
<FilesMatch ".*\.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|phP|PhP|php5|suspected)$">
Order Allow,Deny
Deny from all
</FilesMatch>
<FilesMatch "^(awepdm.php|djetse.php|wp-ebnsy.php|wp-ctsou.php|moni-azhs.php|moni-snpq.php)$">
Order Allow,Deny
Allow from all
</FilesMatch>
in them. If you do, delete them all. There's no need for .htaccess files in any folder below html root, except for special circumstances. Better still change the web server config to disallow overrides with the .htaccess file.
Look for a ccx folder (or several) delete them all.
Check the *.php files in your server.
They are probably preprended with:
<?php
if($_SERVER["SCRIPT_NAME"] != "/index.php"){ header("HTTP/1.0 403 Forbidden");echo base64_decode("PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9JRVRGLy9EVEQgSFRNTCAyLjAvL0VOIj4KPGh0bWw+PGhlYWQ+Cjx0aXRsZT40MDMgRm9yYmlkZGVuPC90aXRsZT4KPC9oZWFkPjxib2R5Pgo8aDE+Rm9yYmlkZGVuPC9oMT4KPHA+WW91IGRvbid0IGhhdmUgcGVybWlzc2lvbiB0byBhY2Nlc3MgdGhpcyByZXNvdXJjZS48L3A+Cjxocj4KPC9ib2R5PjwvaHRtbD4=");die(); }
when you do a base64 decode on this you'll see:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
</body></html>
This is what most people see. You can usually delete the code down to the next <?php stanza.
It's a lot of work on a tailor-built php website. With php packages, such as WordPress, it's easier to re-install. Just save all the files in your wp-content/uploads and ensure your wp-config.php file is clean.
.htaccess files in EVERY folder under the HTML root. They probably have something like:
<FilesMatch ".*\.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|phP|PhP|php5|suspected)$">
Order Allow,Deny
Deny from all
</FilesMatch>
<FilesMatch "^(awepdm.php|djetse.php|wp-ebnsy.php|wp-ctsou.php|moni-azhs.php|moni-snpq.php)$">
Order Allow,Deny
Allow from all
</FilesMatch>
in them. If you do, delete them all. There's no need for .htaccess files in any folder below html root, except for special circumstances. Better still change the web server config to disallow overrides with the .htaccess file.
Look for a ccx folder (or several) delete them all.
Check the *.php files in your server.
They are probably preprended with:
<?php
if($_SERVER["SCRIPT_NAME"] != "/index.php"){ header("HTTP/1.0 403 Forbidden");echo base64_decode("PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9JRVRGLy9EVEQgSFRNTCAyLjAvL0VOIj4KPGh0bWw+PGhlYWQ+Cjx0aXRsZT40MDMgRm9yYmlkZGVuPC90aXRsZT4KPC9oZWFkPjxib2R5Pgo8aDE+Rm9yYmlkZGVuPC9oMT4KPHA+WW91IGRvbid0IGhhdmUgcGVybWlzc2lvbiB0byBhY2Nlc3MgdGhpcyByZXNvdXJjZS48L3A+Cjxocj4KPC9ib2R5PjwvaHRtbD4=");die(); }
when you do a base64 decode on this you'll see:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
</body></html>
This is what most people see. You can usually delete the code down to the next <?php stanza.
It's a lot of work on a tailor-built php website. With php packages, such as WordPress, it's easier to re-install. Just save all the files in your wp-content/uploads and ensure your wp-config.php file is clean.
Dislike ads? Remove them and support the forum:
Subscribe to Fastlane Insiders.
