Replies: 0
Hi, first thank you for helping us to keeping our sites safe.
I had an instance where, even though the site was protected by Wordfence free, the user has managed to:
– Upload a plugin (https://www.wordpressbackdoorplugin.com/)
– Hide it from the UI list
– That plugin created an admin user
– The user was hidden from UI
So I had absolutely NO IDEA of that happening, and the scan did not pick up any of it.
Is there a way to check for hidden plugin or hidden user within WordFence or a different way? Also, is there a way to be notified not only if WordFence is deactivated, but to have a check where if Wordfence is not active (recurring check) we get an alert?
I really appreciate your help. Thanks.