homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

FrontPage files on the Apache server
Using info to hack into site...
grandma genie

Msg#: 4372280 posted 5:54 pm on Oct 8, 2011 (gmt 0)

If your website resides on an Apache server using Linux, and you find FrontPage files in your site's folder that you didn't put there, would you assume someone other than you has access to the site's files?

I just moved my site to a new host. When I did, my htaccess file changed. The same changed htaccess file is also on the old host's server. I did not change it. It had this in it and only this. All my stuff was gone.:

# -FrontPage-

Options None

order deny,allow
deny from all
AuthName mywebsite.com
AuthUserFile /home/mysite/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/mysite/public_html/_vti_pvt/service.grp

The two files referenced reveal the correct administrator name and an encrypted password.

I have a developer helping me with the move. The developer does use FrontPage. They claim they did not change the htaccess file. The new site host, who moved my files, claims he did not change the htaccess file. I did not change it.

I have since removed all the FrontPage folders from the new server. But my concern is if the developer didn't do it and if the host didn't do it, and if I didn't do it, then who did?

In the event it was an interloper, what is the best way to be sure my site is secure? They now have the user name and password and could already have created a back door to the new server.

I am assuming FrontPage doesn't and can't change an htaccess file automatically. Someone had to go into the file and edit it.

I have already informed the new host of this. He does not seem to be concerned. Should I be?




WebmasterWorld Senior Member 10+ Year Member

Msg#: 4372280 posted 6:20 pm on Oct 8, 2011 (gmt 0)

Every time you install or reinstall the FP Extensions, it automatically overwrites the htaccess file.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved