Files 403.shtml , order allow,deny , allow from all

Discussion in 'Apache' started by postcd, Mar 12, 2015.

  1. #1
    Hello, I found the following paragraph in my .htaccess file:
    <Files 403.shtml>
    order allow,deny
    allow from all
    </Files>
    Please, what does that mean? That the 403.shtml page should always be accessible to all? Isn't that so by default, so why is it there?

    postcd, Mar 12, 2015
  2. nasium

    #2
    Looks like it could be an XSS backdoor. I would remove it and the file from your server.

    nasium, Mar 16, 2015
  3. postcd

    #3
    I found that code in around 15 .htaccess files inside my hosting account. If that somehow allows anyone to do 403 forbidden actions, then I'm glad it was found.

    postcd, Mar 17, 2015
  4. nasium

    #4
    You might want to contact your hosting provider about what you found.
     
    nasium, Mar 17, 2015
  5. postcd

    #5
    Thanks, I want to ask if anyone else can confirm the mentioned code is malicious, as I found it in more than one hosting account of mine, in .htaccess files from different content management systems. I just want to be sure I can safely remove it from everywhere I find it.

    postcd, Mar 18, 2015
  6. Xristoph Cvetanov

    #6
    Are you sure you didn't generate the htaccess code yourself from your hosting control panel? Seems like a legit piece of code if you're trying to prevent certain IPs from viewing the site... need to show them something, right, so why not a 403 error?

    Here, read this thread as it looks like this is cPanel functionality relating to parked or add-on domains within the same account.
    https://forums.cpanel.net/threads/htaccess-file-deny-from-all-redirects-to-404-not-found-on-403-shtml.293032/
     
    Last edited: Jan 21, 2016
    Xristoph Cvetanov, Jan 21, 2016
  7. Jackel.ca

    #7
    I would suggest this as well. It's possible that your provider has implemented regeneration of the said file for a reason, considering it has shown up multiple times. And really, it may not be a security threat to you at all.

    Consider looking at this article: http://www.cyberciti.biz/faq/apache-403-forbidden-error-and-solution/
     
    Jackel.ca, Feb 4, 2016
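
Added example, not part of the thread and not cPanel's or Apache's code: a small Python evaluator for the Order/Allow/Deny rules in the quoted block, showing what the `<Files 403.shtml>` exception changes when a directory-wide deny rule is present. The deny rule and the address 203.0.113.7 are constructed for illustration; the evaluator assumes IP or CIDR specs only and relies on the documented Apache behaviour that a section using these directives does not inherit them from the enclosing section.

```python
import ipaddress
import re

# Constructed sample: the block from the thread plus a hypothetical
# directory-wide block rule (203.0.113.7 is a documentation address).
HTACCESS = """\
order allow,deny
deny from 203.0.113.7
allow from all

<Files 403.shtml>
order allow,deny
allow from all
</Files>
"""

def empty():
    return {"order": "deny,allow", "allow": [], "deny": []}  # Apache's default Order

def parse(text):
    """Map scope (None = whole directory, else a <Files> name) to its rules."""
    scopes, scope = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        opened = re.fullmatch(r'<Files\s+"?([^">]+)"?\s*>', line, re.I)
        words = line.lower().split()
        if opened:
            scope = opened.group(1).strip()
        elif line.lower() == "</files>":
            scope = None
        elif len(words) >= 2 and words[0] in ("order", "allow", "deny"):
            rules = scopes.setdefault(scope, empty())
            if words[0] == "order":
                rules["order"] = "".join(words[1:])
            elif words[1] == "from":
                rules[words[0]].extend(words[2:])
    return scopes

def matches(specs, ip):
    """True if ip matches 'all' or any IP/CIDR spec (hostnames not handled)."""
    addr = ipaddress.ip_address(ip)
    return any(s == "all" or addr in ipaddress.ip_network(s, strict=False) for s in specs)

def is_allowed(text, filename, ip):
    """Evaluate one file; a matching <Files> section replaces the directory rules."""
    scopes = parse(text)
    rules = scopes.get(filename) or scopes.get(None) or empty()
    allow, deny = matches(rules["allow"], ip), matches(rules["deny"], ip)
    if rules["order"] == "allow,deny":
        return allow and not deny  # default deny; Deny wins on overlap
    return allow or not deny       # deny,allow: default allow; Allow wins
```

With the exception in place a blocked client is refused every file except the 403.shtml error page; without it, the error page is refused as well.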