Hi, the website was hacked, a new admin signed in. Wordfence did nothing (no warning), and in the backend the IP-Address of the provider was whitelisted. We took a 5-month-old copy and transferred this copy to the new provider.
Now, at the new provider, there is another IP whitelistet and I even can’t delete it! Every time, when I delete this IP-Address and click on “Safe Changes”, it appears again!
https://sonnen-geflecht.at/wp-content/uploads/2023/09/Webserver.png
It is from a server in France, has nothing to do with the new provider, neither with the old.
I deleted Wordfence completely, because I think the plugin was hacked and contains malware. Is there anything you know about it or what I can do?
Thanks! Brisch