website monitoring alert Web Development & Design Blogs ip lookup

HTACCESS


When’s the last time you looked inside your website’s "HTACCESS" file? It really should become a part of your monthly (ack, weekly? daily?) audit routines. There could be gremlins at play you see…

Ok, here’s the gig, one day a mate comes along as asks me, “You mind Googling Twitter?” and I told him to mind his manners as I didn’t go for that kind of thing. Anyway, obliging him, the mighty Google was consulted and from what I could see, the oracle of the ‘Plex was behaving as normal.

Upon pressing for details as to what exactly he is seeing he sends me this;

Gooogle gets hijacked

As you can see the top results are for an Anti-virus website… NOT for Twitter

Being the curious type, I inquired with a few other folks to see what they were seeing. Sure enough, we were all seeing the proper set of results. Fair enough, it sounds like the hull has been compromised and he’s taking on water.

As we backtracked it seems there was a search result that had a peculiar behavior earlier that day. Upon clicking the top result in Google his AV software had done the jig, (although it may have been the Trojan mimicking to gain access). I went over to the website in question – and nothing.

I then searched the website in Google and clicked on the listing – voila! Sure enough you we’re redirected and a pop-up prompted to do a ‘security scan’ cough cough. This behavior ONLY happened when accessing the site via Google.

The HTACCESS Gremlins

What could this be one wondered. Certainly the mighty Goog’ has not fallen pray to wrong doers have they? After all they say they’ve done it before;

Google serves up malware????

Naw, that couldn’t be it.

Initial suspicions leaned towards the site being hacked, but the site administrator was as confused as a link baiter on truth serum, no hacks could be found. To be on the safe side, a few of those in the know, information retrievers, were consulted and one specializing in rarefied AIR (adversarial information retrieval) had the answer. Check the HTACCESS file; which was an enlightening journey.

You see kind reader, they had gone in and were redirecting ONLY the traffic from Google which then prompted and had caused the computer to be infected. Then, on subsequent searches they were intercepting it and sending back their own (modified) Google results. The sneaky little buggars.

Make it a part of your site audits

You can just imagine the reputation problems that could come from this not to mention its potential for sabotage. While this may not seem like the domain of the SEO, having low search engagement and possibly infecting visitors is sure to have negative effects ultimately. No matter how you look at it, from hacking to put nasty (outbound links) on competitor sites to redirecting incoming SERP requests, this is something SEOs need be aware of.

In the modern world of SEO, close ties with the security and system administrators is key. Everyone needs to be aware of the potential for such attacks and be vigilant. A lot of time and money (into search campaigns) could easily be washed away and replaced with a reputation management problem.

What to watch for - This type of attack is often found when you are using a CMS or WordPress type installation that requires the htaccess to be writable (such as SEF URL creation). To guard against it, be sure to chmod your hataccess so the at it’s not writable until you need to publish something new - then make it writable, create pages and then set it back again.





----------------------------------------------------------------------------------------------------------------------------------------------------

Sekedar sharing kumpulan daftar "PPC", yang selama ini opa pakai. Free register, tapi opamer bisa dapat income sebagai publisher/penayang iklan:


Susu Kambing Higoat Pertama di Indonesia

  1. google adsense
  2. Kumpulbloggerdotcom
  3. adsensecampcom
  4. klikbloggerDOTcom
  5. AdfDOTly
  6. ziddudotcom
  7. clicksordotcom
  8. KliksayaDOTcom



Opamer are reading the article HTACCESS and this article is http://opa-ma.blogspot.com/2009/04/htaccess.html
Hopefully this articleHTACCESS could be useful.
Via Mobile: www.opa-ma.blogspot.com/?m=1


MUNGKIN ARTIKEL DIBAWAH YANG ANDA CARI :




1 comment:

  1. :s :s :s
    thank Mr. Good information
    Your make website version english only
    Thank you

    ReplyDelete

ALANGKAH BAIK DAN BIJAK BILA COPY PASTE ARTIKEL OPA......!
DI IKUT SERTAKAN NAMA SUMBERNYA...............!

"http://opa-ma.blogspot.com"

THANK YOU






GUNAKAN "TAB" PADA KEYBOARD BILA CODE ATAU SUBMIT TIDAK MUNCUL ↓
|Joomla Template|Download|Hacker|Komputer|Tutorial|Cheat| Wisata|XML|

next Prev Home
 

Copyright 2008 - 2014 opa-ma.blogspot.com

.:: Maaf sedikit SELEKTIF, yang ingin pasang BANNER diharap webnya tidak berbau SARA dan PORNOGRAFI || Thank You buat pengunjung baru dan pengunjung lama di www.opa-ma.blogspot.com || Mohon di beri tau bila ada hostingan mati untuk kelancaran teman-teman sehabis Anda || Ctrl + D Gunanya agar komputer atau laptop sobat bisa mengingat Url ini || Semoga bermanfaat Amien ::.||