Site still had malware even if I use wordfence

  • I spotted malware files even for the sites I have wordfence. Why does it happen? I deleted the ones that obviously looked as bad files by their weird filenames. But my host sad that there can still be malware in the legitimate files, as the malware wrote itself in my legitimate files. What plugin do you suggest to scan quickly the bad stuff in legitimate files?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Moderator t-p

    (@t-p)

    I spotted malware files even for the sites I have wordfence. Why does it happen?

    It’s likely the hacker left backdoor open.

    Carefully follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Off hand, couple of names that come to mind are Sucuri and Wordfence.

    Thread Starter ketanco

    (@ketanco)

    I know both of those generic pages. It is not my question. And as I said I already had wordfence. My question is how can I clean the legitimate looking files quickly?

    Moderator t-p

    (@t-p)

    how can I clean the legitimate looking files quickly

    If you unable to clean yourself, then hire someone to clean it for you.
    I suggested couple of names above to hire.

    Thread Starter ketanco

    (@ketanco)

    is there a free plugin to spot this stuff and clean?

    • This reply was modified 4 years, 5 months ago by ketanco.
    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Tell WordFence to scan all files as if they were code and scan files outside your WordPress installation. Note that it’s not infallible, so t-p’s recommendation holds.

    Thread Starter ketanco

    (@ketanco)

    So in the wordfence options the following four was unchecked (others were checked):
    -Scan theme files against repository versions for changes
    -Scan plugin files against repository versions for changes
    -Scan files outside your WordPress installation
    -Scan images, binary, and other files as if they were executable

    so what you mean is to check all these and scan again correct?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Yes.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Site still had malware even if I use wordfence’ is closed to new replies.