htaccess woes

Discussion in 'Security' started by MrPlow, Nov 10, 2011.

  1. MrPlow

    MrPlow Registered

    My Joomla-based website is getting hacked on a daily basis. I'm trying to set up a whitelist while still allowing the search engines access.

    I'd like the htaccess to only allow the major search engines and the IPs I specify to gain access. The IPs which are not on the whitelist I'd like to redirect to a contact form (contact.html).

    From the research I've done:

    ErrorDocument 403 /contact.html
    order deny,allow
    deny from all
    allow from xxx.xxx.xxx.xxx

    I'm struggling to find a suitable way of allowing the major search engines access.

    I'd just like to be 100% sure everything is right before I add the htaccess file.


    I understand my main priority should be building a more secure site, but I'd like to allow the existing users access to the current site until I've resolved the security issue.

    Any help would be appreciated.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Search engines are how the bad guys find you. Outdated modules and insecure scripts are how you get into trouble.

    If you're looking for a way to allow users in and keep the rest out, password protect it instead. Give your dedicated users the login details for it.
     
  3. MrPlow

    MrPlow Registered

    Thanks for the reply. In this case the bad guys are attacking the site because I stopped them hotlinking my work. I was hoping to use the htaccess so I could keep my site open for my regular visitors without risk of them being infected from the hacked site, at least until I can build a non-Joomla site.

    I've worked hard on the site and it's doing well on Google's ranking, which I'm going to lose if I can't work out how to set up the exceptions in the htaccess.
     
  4. GoWilkes

    GoWilkes Well-Known Member

    When you say that they're hacking your site, can you be more specific? Are they hacking into the server, or through the Joomla admin?

    If it's the server they're hacking, the solution is pretty simple; disable PasswordAuthentication, and use PubkeyAuthentication instead. This will guarantee that the only way in to the server is if they're physically on your computer.

    Failing that, install CSF firewall (an awesome freebie). This can be set to automatically blacklist any IP that has multiple failed login attempts, and you can manually block IP addresses (and IP ranges).

    Check it out:

    ConfigServer Services

    You can also use .htaccess to block most foreign IPs by range, but that's not quite perfect; any decent hacker is going to use a US-based proxy to get around it. I can send you the list that I block; I'd rather not post it (otherwise, they could just use the list to get around it). Let me know if you want it.
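
Added example, not part of the thread: the whitelist from the first post with the two gaps it leaves filled in, assuming the same Apache 2.2-style Order/Deny/Allow directives. The IP addresses are documentation placeholders, `search_engine` is an arbitrary variable name, and the crawler names are an illustrative selection.

```apache
# Constructed .htaccess example (Apache 2.2 syntax; on Apache 2.4 these
# directives require mod_access_compat).

# Denied visitors receive the contact form as the body of the 403 response.
ErrorDocument 403 /contact.html

# Tag requests whose User-Agent claims to be a major crawler.
# The header is supplied by the client, so this only identifies
# well-behaved crawlers; it is not an authentication mechanism.
SetEnvIfNoCase User-Agent "Googlebot" search_engine
SetEnvIfNoCase User-Agent "bingbot"   search_engine

# With "Order Deny,Allow" the Deny rules are evaluated first and a
# matching Allow rule overrides them.
Order Deny,Allow
Deny from all
Allow from 192.0.2.10            # placeholder: a single whitelisted address
Allow from 198.51.100.0/24       # placeholder: a whitelisted range
Allow from env=search_engine

# Without this block the "Deny from all" rule also covers contact.html,
# so Apache cannot serve the ErrorDocument and falls back to its default
# 403 page. The block matches a file of this name in any subdirectory.
# Stylesheets, images or form handlers that contact.html loads need the
# same exemption.
<Files "contact.html">
    Order Allow,Deny
    Allow from all
</Files>
```

To check the result, request any page other than contact.html from an address that is not on the list and confirm the response has status 403 with the contact form as its body.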
     