wordfence Psuedo-Darkleech Prevention?

  • I have been having on-going problems with recurring hacks of wp-includes/nav-menu.php on all my wordpress sites. I believe that this is Psuedo-Darkleech. I have been using the free version of Wordfence and it has been very helpful in finding and correcting the hack. But, it still comes right back in a few days. I’m wondering if the paid version would do more to prevent this problem or at a minimum automatically correct it when it is detected.

Viewing 1 replies (of 1 total)

  • You are missing something on your hack correction process.

    If the hack is coming back, you have still malware in your site (called a rootkit or backdoor). I use both iThemes Security and WordFence and both together can find more hacks than just WordFence alone. Try to look for backdoors as they allow for re-hacks.

    This document from Securi explains the DarkLeech hack:

    https://blog.sucuri.net/2015/03/pseudo-darkleech-server-root-infection.html

    Securi has tools to look for this hack.

Viewing 1 replies (of 1 total)
  • The topic ‘wordfence Psuedo-Darkleech Prevention?’ is closed to new replies.