Romeo - 1:06 pm on Apr 3, 2008 (gmt 0)

I've deleted the ht access file multiple times and they somehow keep getting it in there to redirect. Any help would be greatly appreciated!

Well, there may be a lot of different reasons you should carefully analyze to finally chose one of the following:

(1) someone saw your FTP password written on the yellow post-it sticker on your flat screen - d'oh.
(2) your client side FTP password got sniffed by a keylogger on your client workstation and sent to a bad guy, after you caught a virus 3 months ago.
(3) your FTP password got intercepted when it traversed the net in the clear (FTP sends passwords and data unencrypted).
(4) your shared host is so badly configured that each user can easily read or write content of arbitrary other users.
(5) your shared host has some internal security problem that could be exploited by one user to get root privileges and alter content of other users.
(6) your shared host or your dedicated server has some externally exploitable security problem (e.g. a security hole in the admin panel or other system software, or caught a root kit) that invites attackers from all over the world into the server to play their games, perhaps even using automated scripts to achieve mass-defacements.
(7) you have put up insecure and expoitable scripts (PHP, perl, whatever) on your server on your own to achieve similar effects to those explained in (6).
(8) on a shared host, another user has put up insecure and exploitable scripts (like in (7)), and you are enjoying the fallout from this.

Some options are unlikely (like (3)), some are *very* likely (options (7) or (8)).

Think about all possibilities and take appropriate countermeasures, some effects are under your own control, and some effects may come from the fallout out of a shared hosting environment:
(1/2) : secure your local environment
(3) : use other protocols (rsync), if possible
(4/5/6/8) : move to another hoster, or, to avoid the risk of shared hosting, move to a dedicated server (and if you are on a dedicated server, ensure that it is administered properly and security patches get always applied in time).
(7) : exercise safe and secure computing: only put quality software onto your server, that you can trust and that has been developed with a strong eye on security aspects. Don't use own scripts unless you know what you are doing and have fully understood all security risks that may be imposed.

HTH and kind regards,
R.

[edited by: Romeo at 1:11 pm (utc) on April 3, 2008]