We help IT Professionals succeed at work.
Get Started

htaccess or mod_rewrite

Last Modified: 2013-12-04
I'm working with a site with Zen Cart that someone seems to be exploiting the image folders at. Because those folders need write capabilities to upload product images from the admin area, they are using that to continually write php and txt files to these folders.

Those files have coding in them that also allows them other access when they choose.

(And to be one step clearer - I've moved the site recently to a completely new host after first completely removing all traces of any virus/hack. This appears, according to logs, to be happening by direct access through one of the zen upload capabilities using the site's regular url.)

Can writing of all files except the image files be blocked using the htaccess file in the root? If so, what is the correct addition to the htaccess that would cover ALL image folders through the site? (There's also a root image folder, wordpress, sub-directories, etc.)

Any thoughts on how to prevent this?
Watch Question
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE