tag:blogger.com,1999:blog-7683207196964355029.post4637165479304077935..comments2023-03-22T03:11:48.525-07:00Comments on Web.focus(): Sites Hacked? .htaccess files were code injectedBrian Wendthttp://www.blogger.com/profile/17116120472408476286noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7683207196964355029.post-74826516936386661822012-07-30T00:23:48.531-07:002012-07-30T00:23:48.531-07:00Hey Geoff, sorry for the delay in responding... re...Hey Geoff, sorry for the delay in responding... really your best option is to update Wordpress. If you can't do that, you could make your .htaccess redirect requests to it. If you have access to change your file permissions, I think you could do 770 without breaking it's legitimate use.Brian Wendthttps://www.blogger.com/profile/17116120472408476286noreply@blogger.comtag:blogger.com,1999:blog-7683207196964355029.post-5304718588297382102012-07-12T07:01:56.096-07:002012-07-12T07:01:56.096-07:00I got hit by the same hack. The hackers screwed up...I got hit by the same hack. The hackers screwed up and mis-spelled a URL (starting it with "htttp"!), which caused my whole WP site to lock up. I cleaned it all up (or so I thought); 24 hours later it was hacked again. Rinse, repeat, watch the logs... and this morning it was hacked again. This time I could identify the exact time of the hack, and checking the logs I saw the reference to the ".cache_000.php" file you mention.<br /><br />The obvious question is, how did the file get into my uploads directory? And how can I tell PHP not to execute anything from uploads?Geoffhttps://www.blogger.com/profile/07521391745343783288noreply@blogger.com