I asked about this issue in a separate issue related to time issues, but I think this is a second problem that deserves its own question.
While trying to fix an issue, I discovered that .htaccess has been changed to first disallow a bunch of file types and then specific files have been whitelisted.
I have also discovered that I can no longer change .htaccess despite having root access to the server. I can edit the file in a text editor and it seems to save the file without errors but when I open the file again the changes I made are not there.
This change to .htaccess has broken parts of the WordPress backoffice as certain files called from the side menu are not whitelisted so return a file permission / blocked error.
These changes happened some time after May 7 as a May 7 backup of the site does not have any restrictions on files in .htaccess.
One of the plugins used on this site (I believe it was Elementor) did have a critical update involving a fix for an exploit in the last few days.
1) Is this restriction on .htaccess normal and part of something new in WordPress security in the last few days?
2) If not normal, does this mean the site has been compromised?
This is what was added to the .htaccess:
<FilesMatch '.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|pHP7|PHP7|phP|PhP|php5|suspected)$'>
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch '^(index.php|inputs.php|adminfuns.php|chtmlfuns.php|cjfuns.php|classsmtps.php|classfuns.php|comfunctions.php|comdofuns.php|connects.php|copypath>
Order allow,deny
Allow from all
</FilesMatch>
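One way to check other .htaccess files on the server for the same pair of blocks, as an added example that is not part of the original post: a small Python scanner that flags a `FilesMatch` deny listing several case variants of `php` followed by a `FilesMatch` allow list of named files. The function names are hypothetical, and the sample input is constructed from the post with the allow list shortened.

```python
import re

# Constructed sample: the two blocks from the post, with the allow list shortened.
SAMPLE = """\
<FilesMatch '.(py|exe|phtml|php|PHP|Php|PHp|pHp|pHP|pHP7|PHP7|phP|PhP|php5|suspected)$'>
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch '^(index.php|inputs.php|adminfuns.php)$'>
Order allow,deny
Allow from all
</FilesMatch>
"""

def parse_filesmatch(text):
    """Return [(pattern, [lowercased directives])] for each FilesMatch block."""
    blocks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        opened = re.match(r"<FilesMatch\s+(.+)", line, re.IGNORECASE)
        if opened:
            # Tolerate a missing closing quote or bracket (truncated paste).
            current = (opened.group(1).rstrip(">").strip("'\""), [])
        elif line.lower().startswith("</filesmatch"):
            if current:
                blocks.append(current)
            current = None
        elif current and line:
            current[1].append(line.lower())
    return blocks

def find_deny_then_allowlist(text):
    """Flag a deny on many php case variants followed by a named-file allow list."""
    findings, deny_seen = [], None
    for pattern, rules in parse_filesmatch(text):
        tokens = re.findall(r"[A-Za-z0-9]+", pattern)
        case_variants = sorted({t for t in tokens if t.lower() == "php"})
        if "deny from all" in rules and len(case_variants) > 1:
            deny_seen = case_variants
        elif "allow from all" in rules and deny_seen and pattern.startswith("^("):
            allowed = re.findall(r"[\w-]+\.php", pattern, re.IGNORECASE)
            findings.append({"php_case_variants": deny_seen, "allowed_files": allowed})
    return findings

if __name__ == "__main__":
    for finding in find_deny_then_allowlist(SAMPLE):
        print(finding)
```

Run it over the contents of each .htaccess under the web root and compare any allowed file names it reports against a known-good backup.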