Quantcast
Channel: WordPress.org Forums » [Wordfence Security - Firewall, Malware Scan, and Login Security] Support
Viewing all articles
Browse latest Browse all 32701

asaracena on "[Plugin: Wordfence Security] 5 sites hacked this week"

$
0
0

Let me first say that I love your plugin and have found it so useful that I use it on all my sites. I'm considering updating to the paid version on my commercial sites because it would be a disaster if they were hacked.

However in the last three days 5 of our sites have been hacked - core WordPress files were changed and extraneous files with malicious eval code were added.

Wordfence notified me about these attacks but apparently wasn't able to stop them on our sites. I've been diligent about updating WordPress and your Wordfence plugin. This is the latest hack on verdigrisfurniture.com (happened about 18 hours ago:
* WordPress core file modified: wp-comments-post.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-comments-post.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-content/blog.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-content/defines.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-content/themes/help.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-content/themes/template.php
* This file may contain malicious executable code: /home/content/u/r/a/uransoftware/html/verdigrisfurniture.com/wp-content/uploads/gallery.php

All the sites have been cleaned by re-installing WordPress 4.0 either through the admin panel or very carefully file by file in FTP replacing WP core files with originals. I deleted files that don't exist in 4.0.

I always only set up an FTP user for a single site and delete it after I've finished. I also updated the WordFence plugin to the most recent version 5.2.5. I'm wondering if there is anything else I should be doing to avoid this in the future to avoid these annoying attacks.

Thanks!
alison

https://wordpress.org/plugins/wordfence/


Viewing all articles
Browse latest Browse all 32701

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>