Ticket #917 (new defect)
Any misc files in Transition Culture web root?
Reported by: | sam | Owned by: | chris |
---|---|---|---|
Priority: | minor | Milestone: | Maintenance |
Component: | Parrot server | Keywords: | |
Cc: | Estimated Number of Hours: | 0.0 | |
Add Hours to Ticket: | 0 | Billable?: | yes |
Total Hours: | 0.1 |
Description
Hi Chris
Simon from Lumpy lemon has migrated Transition Culture.
We only have WP admin access & he was wondering:
"Just one small question: can you check in the webroot folder on your server and let me know if there are any non-WordPress files in there? e.g. Google verification files, that sort of thing. I don't think there should be, but best to check. If there are, can you send them over."
Thanks
Sam
Change History
comment:1 Changed 4 months ago by chris
- Add Hours to Ticket changed from 0.0 to 0.1
- Total Hours changed from 0.0 to 0.1
comment:2 Changed 4 months ago by chris
This is the contents of the .htaccess file, Simon sould be able to get all the other files via HTTP, of course if he would like SSH access that can also be sorted out.
Redirect /feed/ http://www.transitionnetwork.org/blogs/feed/rob-hopkins/ # This was being abused <Files xmlrpc.php> Order deny,allow deny from all </Files> # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress # BEGIN WORDPRESS PLUGIN stop_xmlrpc_attack <Files "xmlrpc.php"> order deny,allow deny from all allow from 10.0.0.0/8 allow from 64.34.206.0/24 allow from 76.74.248.128/25 allow from 76.74.255.0/25 allow from 127.0.0.0/8 allow from 172.16.0.0/12 allow from 192.0.64.0/18 allow from 192.168.0.0/16 allow from 198.181.116.0/22 allow from 207.198.101.0/25 </Files> # END WORDPRESS PLUGIN stop_xmlrpc_attack
Note: See
TracTickets for help on using
tickets.
Here is a list of the files: