Home › Forums › Themes Support › Claue › Weird .htaccess files appearing all over site folders
- This topic has 3 replies, 2 voices, and was last updated 3 years, 6 months ago by
Harry.
-
AuthorPosts
-
-
October 5, 2020 at 6:41 pm #38749
Hi there,
Nice theme btw!
We’re busy building a new site on Claue theme, here: https://adventure-addicts.com/
– but logging in as Admin, we get the following message:
Forbidden
You don’t have permission to access this resource.Apache Server at adventure-addicts.com Port 443
– on investigation into the site folders and files, we find following .htaccess file dotted around the site folders:
.htacces file with the following content:
<FilesMatch “.*\.(phtml|php|PhP|php5|suspected)$”>
Order Allow,Deny
Deny from all
</FilesMatch>– Any idea what may be causing this?
This is a fresh installation from a few days ago, so it seems unlikely that the site has been hacked?
-
October 5, 2020 at 6:59 pm #38750
Hi Marc,
Thank you for bought our theme.
This issue related to hosting. Please contact your hosting support to fix issue.
Kind regards
Harry
Premium Wordpress themes and plugins, Best WooCommerce theme https://themeforest.net/user/janstudio/portfolio?ref=janstudio -
October 9, 2020 at 8:28 pm #38796
Hi Harry,
We’re getting further feedback on the site issues, it looks like the site was breached/hacked, a day or 2 after installation, this has never happened to us before (so soon after theme installation), so we deleted this installation (it was still relatively new) and re-created the site, loading Wordfence up-front and Login Recaptcha, a day or 2 later, we got this message from Wordfence:
This email was sent from your website “Claue” by the Wordfence plugin.
Wordfence found the following new issues on “Claue” (1 existing issue was also found again).
Alert generated at Wednesday 7th of October 2020 at 02:30:47 PM
See the details of these scan results on your site at: https://adventure-addicts.com/wp-admin/admin.php?page=WordfenceScan
Medium Severity Problems:
* The Plugin “Blogger Importer” appears to be abandoned (updated April 3, 2017, tested to WP 4.3.24).
https://wordpress.org/plugins/blogger-importer/#developers
* The Plugin “Categories to Tags Converter” appears to be abandoned (updated October 16, 2014, tested to WP 4.1.31).
https://wordpress.org/plugins/wpcat2tag-importer/#developers
* The Plugin “LiveJournal Importer” appears to be abandoned (updated October 16, 2014, tested to WP 4.1.31).
https://wordpress.org/plugins/livejournal-importer/#developers
* The Plugin “Movable Type and TypePad Importer” appears to be abandoned (updated January 24, 2016, tested to WP 4.1.31).
https://wordpress.org/plugins/movabletype-importer/#developers
* The Plugin “RSS Importer” appears to be abandoned (updated July 12, 2018, tested to WP 4.7.18).
https://wordpress.org/plugins/rss-importer/#developers
* The Plugin “Tumblr Importer” appears to be abandoned (updated February 16, 2018, tested to WP 4.1.31).
https://wordpress.org/plugins/tumblr-importer/#developers
1 existing issue was found again and is not shown.
– These issues raise serious concerns for us regarding the security and validity of your theme and plugins.- please could you respond to this as a matter of urgency.
Many thanks.
Marc de Villiers
-
October 9, 2020 at 9:27 pm #38800
Hi Marc,
These plugins you see in message not come with our theme and they is old on your site. Please delete all plugins from Wordfence message and try again.
Kind regards
Harry
Premium Wordpress themes and plugins, Best WooCommerce theme https://themeforest.net/user/janstudio/portfolio?ref=janstudio
-
-
AuthorPosts
You must be logged in to reply to this topic.