Malware Detected by WordFence

  • Hello, Recently my website got compromised. The hacker embedded the credit card form over WooCommerce payment details on the checkout page. I found out and fixed the issue then I installed WordFence and done a complete scan of the site. The malware was detected in wp-admin and wp-includes as well. I replaced the new files and got them cleaned.

    https://snipboard.io/3q9iB5.jpg

    I’m using iThemes Security Pro and now using WordFence with it to keep it secure. Running 40+ websites on a VPS server and just scanned another site that is hosted on my server and found out the same malware in the files. All the sites are using iThemes Security Pro and everything is active.

    Is this something happening from the server-side because the files are getting modified automatically and WordFence is giving me the notifications. I can’t track all the websites and keep them fixing one by one.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Don’t use two security plugins at the same time. If you are lucky then they’ll just ignore each other. If you are not they will provide conflicting information.

    As you paid for iThemes Security Pro I suggest you avail yourself of that option and post there for support.

    https://ithemes.com/support

    That’s the link to their paid customer support site.

    Thread Starter sam53

    (@sam53)

    I’m going to post this to the support as well but I have checked the infected files and the piece of code injected in WP-ADMIN files is basically not in the officially released files. I have compared both files side by side.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter sam53

    (@sam53)

    I have been able to clean the website myself because I’m a developer but I’m checking from where they are getting inside.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Malware Detected by WordFence’ is closed to new replies.