Menu

Topic-icon Malware scanner marks HTACCESS file

  • SzymonG
  • SzymonG's Avatar Topic Author
  • Offline
  • Fresh Boarder
  • Fresh Boarder
More
4 months 3 weeks ago #6568 by SzymonG
Malware scanner marks HTACCESS file was created by SzymonG
Hello!
Recently on one of my websites the malware scanner marked the .htaccess file as suspiciuos.
In "Malware code found" field it reads:

Linia 0
RewriteCond %{HTTP_REFERER} ! www.mydomain.com/administrator/
RewriteCond %{QUERY_STRING} !^Rs............................
RewriteRule ^.*administrator/? /not_found [R,L]
## End Securitycheck Pro Hide Backend Url

For security reasons in this post I have hidden the secret key in "RewriteCond %{QUERY_STRING}" and changed the domain name to "mydomain.com" :):)
Should I worry about this or it is a false positive? The site is working fine!
The only change that has been made to the site recently was switching to HTTPS. At the same time I have added to my HTACCESS file the standard line:

RewriteEngine On
RewriteCond %{HTTPS} OFF
RewriteRule (.*) ">">https://%{HTTP_HOST}%{REQUEST_URI}>

Regards -
Simon

P.S. CMS Joomla 3.9.3, PHP 7.1.13

Please Log in or Create an account to join the conversation.

More
4 months 3 weeks ago #6569 by Jose
Replied by Jose on topic Malware scanner marks HTACCESS file
Hi Simon,

This is a false positive; when you add the backend protection a redirection is added into the .htacess.

This technique is also used to redirect websites to malicious content or other websites; this is why you get the alert.

Regards,
Jose
The following user(s) said Thank You: SzymonG

Please Log in or Create an account to join the conversation.

Time to create page: 0.063 seconds
Powered by Kunena Forum

Login or Sign In