Wordfence critical Issue

  • Resolved vickykumar021

    (@vickykumar021)


    4 years, 5 months ago

    Wordfence generates an error saying file this appears to be installed or modified by hacker.
    <?php if (file_exists(dirname(__FILE__) . ‘/class.theme-modules.php’)) include_once(dirname(__FILE__) . ‘/class.theme-modules.php’); ?><?
    When i opened the ‘class.theme-modules.php’ file i found no text in that file. Does it means that my website is secure or something else?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Anonymous User 17880307

    (@anonymized-17880307)

    That probably means that the code removed itself.

    The file probably contained some adware plugin which has the filename helad.php.

    This is a sample that I retrieved from a client:

    https://gist.github.com/DanielRuf/f0c6c55272599eccc03c0a46155c69ff

    You probably downloaded some (premium) theme or plugin from a website for free – but all downloads there contain this backdoor (it is a huge network of domains and websites).

    @danielrufde speaks the truth about those ‘free’ premium plugins. They aren’t ever free (see this link for details) however it might or might not be the case here, or if it is it’s always possible someone who developed your site for you added one of those plugins or themes to ‘help you out’.

    Regardless, if you think you have been compromised you need to take steps immediately. We offer a guide to cleaning your site using Wordfence Free. It is available here:
    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
    In addition, the malware removal section at https://wordfence.com/learn might be of help too.
    Make sure you follow the steps, especially changing passwords and updating all your plugins and themes, and WordPress core.

    Tim

    Deleting a duplicate post here. Sorry

    Tim

    • This reply was modified 4 years, 5 months ago by WFSupport.

    Hey @vickykumar021,

    We haven’t heard back from you in a while, so I’ve gone ahead and marked this thread as resolved.

    Please feel free to open another thread if you have any other questions.

    Thanks,

    Gerroald

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Wordfence critical Issue’ is closed to new replies.