.httacess was missing but was hiden and replaced 10 milion people affected 50k emails

Advertisement

12321313213vwev2qf
Joined:
Posts:
1
Location:
London

.httacess was missing but was hiden and replaced 10 milion people affected 50k emails

Today was nice day for some intern in our company one person got fired because he use winscp and also replace wrong file one server.

How this happen, intern got simple task: forward page to secure ssl. But PC that was used for this task had installed WINSCP and hidden file was replaced without confirmation ( prev. user config ). After that edit page was offline 500 error .htaccess file was there just hidden and Winscp was configuration to auto replace ( also i like this options in filezilla is just per session ).

How we can fix this in future
- if you think winscp use some kids who download po rn form FTP server you are really wrong
- show default hidden file or even display some popup if file are hidden and exists and its auto replaced.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
36,052
Location:
Prague, Czechia

Re: .httacess was missing but was hiden and replaced 10 milion people affected 50k emails

Please attach a full session log file showing the problem (using the latest version of WinSCP).

To generate the session log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

Advertisement

You can post new topics in this forum