Scanner does not find “non wordpress” files

  • Resolved pizzapie79

    (@pizzapie79)


    1 month, 1 week ago

    Hi, some days ago my website has been hacked and some image files and html files were uploaded into my web server .

    I expected the Wordfence scanner to flag and report these files since they are not WordPress files, but the scanner does not report them.

    Is that behaviour correct? Maybe they are not flagged because they do not contain malicious code? Is there a way to quickly find all those images and html files that has been upload by the hacker?

    Thanks in advance ??

    • This topic was modified 1 month, 1 week ago by pizzapie79.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfscott

    (@wfscott)

    Hello, @pizzapie79

    The Wordfence scanner will find files that are out of place in the wp-includes and wp-admin directories while the scan option Scan wp-admin and wp-includes for files not bundled with WordPress is enabled. If images were added elsewhere, they would not be picked up as “Unknown files”.

    If any files are seen to be matching any of our malware signature, they would be picked up at that point as well.

    Thanks,
    Scott

    Thread Starter pizzapie79

    (@pizzapie79)

    Hi Scott,
    thank you very much for your explanation, now I understand ??

    Thanks again and best regards.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.