How to stop wordpress from changing default .htaccess permissions to 444

Please find below points

1. It’s quite possibly your hosting provider isolating it from the other users on the server. I’d recommend checking with them, though it’s unlikely that they’d want to change that.

2. Your site has likely been hacked. In my website injected some malicious code into wp-includes/nav-menu.php, causing .htaccess to reset to 444 on any page load.

To remove hacking code please find below steps

1. Take your site offline as soon as possible & change the permissions of the site folder to 600
2. Re-name the website’s folder (public_html or your domain name) to something else and create a different folder with the same name as the original. Put a file called .maintenence in this folder. this will put your website in maintenance mode. You can use any html you want in the .maintenance file.
3. Download WordPress. Make sure you download an appropriate version. You can find the version of this wordpress install by viewing the version number in /readme.html (not recommended to keep this file).
4. Delete the following directories: wp-includes and wp-admin and replace these with the directories from a freshly downloaded WordPress. This will clean up the core files. It is important to delete these folders instead of merging them as a merge will not get rid of the files that are not part of wordpress core.
5. In the root directory, delete all files but from wp-config.php.
6. Replace these with the files from the freshly downloaded wordpress instance.
7. Rename your original directory back to it’s original name.

Check this url for some solution



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s