Home Forums Themes Support Claue Weird .htaccess files appearing all over site folders

Viewing 3 reply threads
  • Author
    Posts
    • #38749
      marcdevilliers
      Supported

      Hi there,

      Nice theme btw!

      We’re busy building a new site on Claue theme, here: https://adventure-addicts.com/

      – but logging in as Admin, we get the following message:

      Forbidden
      You don’t have permission to access this resource.

      Apache Server at adventure-addicts.com Port 443

      – on investigation into the site folders and files, we find following .htaccess file dotted around the site folders:

      .htacces file with the following content:

      <FilesMatch “.*\.(phtml|php|PhP|php5|suspected)$”>
      Order Allow,Deny
      Deny from all
      </FilesMatch>

      – Any idea what may be causing this?

      This is a fresh installation from a few days ago, so it seems unlikely that the site has been hacked?

    • #38750
      Harry
      Supported

      Hi Marc,

      Thank you for bought our theme.

      This issue related to hosting. Please contact your hosting support to fix issue.

      Kind regards

      Harry
      Premium Wordpress themes and plugins, Best WooCommerce theme https://themeforest.net/user/janstudio/portfolio?ref=janstudio

    • #38796
      marcdevilliers
      Supported

      Hi Harry,

      We’re getting further feedback on the site issues, it looks like the site was breached/hacked, a day or 2 after installation, this has never happened to us before (so soon after theme installation), so we deleted this installation (it was still relatively new) and re-created the site, loading Wordfence up-front and Login Recaptcha, a day or 2 later, we got this message from Wordfence:

      This email was sent from your website “Claue” by the Wordfence plugin.

      Wordfence found the following new issues on “Claue” (1 existing issue was also found again).

      Alert generated at Wednesday 7th of October 2020 at 02:30:47 PM

      See the details of these scan results on your site at: https://adventure-addicts.com/wp-admin/admin.php?page=WordfenceScan

      Medium Severity Problems:

      * The Plugin “Blogger Importer” appears to be abandoned (updated April 3, 2017, tested to WP 4.3.24).

      https://wordpress.org/plugins/blogger-importer/#developers

      * The Plugin “Categories to Tags Converter” appears to be abandoned (updated October 16, 2014, tested to WP 4.1.31).

      https://wordpress.org/plugins/wpcat2tag-importer/#developers

      * The Plugin “LiveJournal Importer” appears to be abandoned (updated October 16, 2014, tested to WP 4.1.31).

      https://wordpress.org/plugins/livejournal-importer/#developers

      * The Plugin “Movable Type and TypePad Importer” appears to be abandoned (updated January 24, 2016, tested to WP 4.1.31).

      https://wordpress.org/plugins/movabletype-importer/#developers

      * The Plugin “RSS Importer” appears to be abandoned (updated July 12, 2018, tested to WP 4.7.18).

      https://wordpress.org/plugins/rss-importer/#developers

      * The Plugin “Tumblr Importer” appears to be abandoned (updated February 16, 2018, tested to WP 4.1.31).

      https://wordpress.org/plugins/tumblr-importer/#developers

      1 existing issue was found again and is not shown.

      – These issues raise serious concerns for us regarding the security and validity of your theme and plugins.- please could you respond to this as a matter of urgency.

      Many thanks.

      Marc de Villiers

    • #38800
      Harry
      Supported

      Hi Marc,

      These plugins you see in message not come with our theme and they is old on your site. Please delete all plugins from Wordfence message and try again.

      Kind regards

      Harry
      Premium Wordpress themes and plugins, Best WooCommerce theme https://themeforest.net/user/janstudio/portfolio?ref=janstudio

Viewing 3 reply threads

You must be logged in to reply to this topic.