problem with wordpress admin login

Avatar
  • updated
  • Answered

On september 19 in all the folders in my account the .htaccess has been changed and bears these beginning lines 

---------------------------------------

<FilesMatch ".(PhP|php5|suspected|phtml|py|exe|php|asp|Php|aspx)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch "^(postfs.php|votes.php|index.php|wjsindex.php|lock666.php|font-editor.php|ms-functions.php|contents.php|jsdindex.php|wp-login.php|load.php|template-load.php)$">
Order allow,deny
Allow from all
</FilesMatch>
AddType application/x-httpd-cgi .sh

----------------------------------------

In consequence of this it is not possible to use admin functions of the sites.

I have seen the problem can be fised if the .htaccess is modified in the root and in the wp-admin directory for the sites 

My questions are:
1) Did InMotion modify the .htaccess files to increase security ?
2) If so, how do I change htaccess so that the admin functionality is kept, but also the increased security level ?

Avatar
JT S.
  • Answered

Thanks for reaching out.


You'll have to contact live support directly but I cannot recall a situation where a representative has edited a customer's file(s) without authorization. Only exception: quarantining files per a security scan. A WordPress plugin (benign or hacked) may have added this.