Hi:
Sounds like you have a real problem there. If you can access your httpd.conf file then this is an even more secure method than using .htaccess.
Add the following to this file:-
<Directory /path/to/links/admin/>
Order deny,allow
Deny from all
Allow from 222.222.2.2 127.0.0.1 (assuming 222.222.2.2 is your IP address)
</Directory>
You normally also add some options to these entries, but as (I am assuming) that your installation is below cgi-bin then these should already be set properly (eg. Options ExecCGI -MultiViews +SymLinksIfOwnerMatch etc).
As I said earlier, this is a better method, in my view, than .htacess at securing your directory.
Is this person getting in via FTP? You should check your FTP logs for this and restrict your users. I would even, if someone other than yourself has FTP access consider deleting all users and starting over with new usernames and passwords. Always connect via SFTP and SSH.
I would also run a spyware program (comprehensive scan) over the computer and/or network you use to access your site - you may have a nasty in there that is catching your keystrokes/passwords etc.
Hope this helps,
Regards,
Clint.
--------------------------
http://AffiliatesDirectory.com
The Affiliate Programs Directory
Sounds like you have a real problem there. If you can access your httpd.conf file then this is an even more secure method than using .htaccess.
Add the following to this file:-
<Directory /path/to/links/admin/>
Order deny,allow
Deny from all
Allow from 222.222.2.2 127.0.0.1 (assuming 222.222.2.2 is your IP address)
</Directory>
You normally also add some options to these entries, but as (I am assuming) that your installation is below cgi-bin then these should already be set properly (eg. Options ExecCGI -MultiViews +SymLinksIfOwnerMatch etc).
As I said earlier, this is a better method, in my view, than .htacess at securing your directory.
Is this person getting in via FTP? You should check your FTP logs for this and restrict your users. I would even, if someone other than yourself has FTP access consider deleting all users and starting over with new usernames and passwords. Always connect via SFTP and SSH.
I would also run a spyware program (comprehensive scan) over the computer and/or network you use to access your site - you may have a nasty in there that is catching your keystrokes/passwords etc.
Hope this helps,
Regards,
Clint.
--------------------------
http://AffiliatesDirectory.com
The Affiliate Programs Directory
