Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)
  • hi kldckldc

    Your file may have another problem. If you have an older back up maybe you can swap them out, if not perhaps export your wordfence settings, delete and reinstall a fresh copy of wordfence and import your settings again. (Note: You may lose some blocking lists already created so its a very last option at the least)

    Also, for the blocking not being enabled. I would check the “options” section, top area “Basic Options” and make sure:
    -Enable Rate Limiting and Advanced Blocking is checked.

    After that not sure what else it maybe at this point,
    unless we look deeper under the hood.
    Hope that helps.

    @kldckldc: for the bots hitting your login, use a plugin called “rename-login” and change the name of your login page to something else. You can change it back once the bots have stopped.

    @ taastrategies there should be some links towards the bottom of the actual scan page, if they are still not showing up, thru ftp or your hosting file manager, I have replaced the wordfencehash.php with a correct backup/archive version. I would still get the error ,but then I would run the scan again and then it would show the “restore to old file” blue text links.

    @syzygist The problem I think is with wordfence not wordpress. I am sure there are similar discussions going on within the wp community already, hopefully an update from wordfence or wordpress will appear quickly.

    Good Luck!

    Hi guys,

    I don’t think this error is purely cosmetic. Its seems to be the latest hacker malware blocker implementation against Wordfence & WordPress.

    As of recent the latest trick is the “Undefined index: coreUnknown” is an actual file injection to prevent malware from being noticed.

    Please review my attached image of the infected file and the original clean file
    side by side.

    https://plumppixel.com/injected_file.jpg

    In order to correct the issue, just go to the Wordfence “scan”, start a new scan once done the problem files will show up at the bottom. When you see the “wordfenceHash.php” you can click on the text links below the details paragraph on “restore to original file” and that should fix it.

    Make sure to always back up those clean sites before you do anything else and
    Good luck to everyone fighting off these WordPress troglodytes!

Viewing 3 replies - 1 through 3 (of 3 total)