Msg#: 4372280 posted 5:54 pm on Oct 8, 2011 (gmt 0)
If your website resides on an Apache server using Linux, and you find FrontPage files in your site's folder that you didn't put there, would you assume someone other than you has access to the site's files?
I just moved my site to a new host. When I did, my htaccess file changed. The same changed htaccess file is also on the old host's server. I did not change it. It had this in it and only this. All my stuff was gone.:
<Limit GET POST PUT DELETE> order deny,allow deny from all </Limit> AuthName mywebsite.com AuthUserFile /home/mysite/public_html/_vti_pvt/service.pwd AuthGroupFile /home/mysite/public_html/_vti_pvt/service.grp
The two files referenced reveal the correct administrator name and an encrypted password.
I have a developer helping me with the move. The developer does use FrontPage. They claim they did not change the htaccess file. The new site host, who moved my files, claims he did not change the htaccess file. I did not change it.
I have since removed all the FrontPage folders from the new server. But my concern is if the developer didn't do it and if the host didn't do it, and if I didn't do it, then who did?
In the event it was an interloper, what is the best way to be sure my site is secure? They now have the user name and password and could already have created a back door to the new server.
I am assuming FrontPage doesn't and can't change an htaccess file automatically. Someone had to go into the file and edit it.
I have already informed the new host of this. He does not seem to be concerned. Should I be?