English: Python logo Deutsch: Python Logo English: Python logo Deutsch: Python Logo (Photo credit: Wikipedia)

A few day ago, I posted about a Wordpress .htaccess redirect hack that happened to me.

So I wrote a Python script that will help me find any .htaccess files that had the redirect domain. I uploaded it to my home folder in my server. Then used SSH to run it. Any Linux server most likely has Python installed. So you can run this script using:

python htaccess_hack_finder.py

It will then print out:

Bad: /location/of/bad

Each time it finds the string, which in my case was a few times for each file. Then you just open your FTP, find the bad files and remove the hack. This script will actually work to find any string in an .htaccess file.

Enhanced by Zemanta


Thanks, your article is very helpful, just in case that wasn't in the hack by wicked.

I saw your last post and see that you were missing the wordpress hardening for your WP Blog..You also should have get hold of your hosting provider to see how can avoid such future attempts, as there are tons of Wp exploits. .htaccess is just one of them. Having a WP blog is not something you can install and forget, it requires you to manage them, harden them from such attacks...

I've been having this kind of problem. My developer can't seem to find a solution but I'll have him see this script you got. Thanks for sharing. Great help for me!

Every time I do something on the internet, like write a blog post, there's always that fear of getting hacked any minute while I'm logged off, that keeps lurking in my mind. After all, so much of time, energy and effort goes into making and maintaining a blog. I'm always trying to figure out a way to keep it hack-proof or at least keep a track of any attempts of the same. But it all is so complicated sometimes, I don't get it. But with the help of this proper step by step representation, I find my confidence and courage a little restored! :D Thanks. Good job, there!

Add new comment

By submitting this form, you accept the Mollom privacy policy.