Hacked Malware Index.php and .htaccess regenerating
Hopefully my findings will help other users. A number of my sites were recently hacked. I noticed that index.php filesize was much larger than the source wordpress file and when deleted / replaced it...
View ArticleMedia Library Images Being Duplicated
I need some help locating what is possible malware causing old images uploaded in 2015 being duplicated and filling up the drive and media library. Apparently the site was recently restored from a...
View ArticleYARA.SP_41_20190221_php_malware. in index.js
Hi, my host service informed me they found a malware inside the file /public_html/wp-content/plugins/woocommerce/packages/woocommerce-admin/dist/components/index.js...
View Articlepremium
i purchase premium in 99$yearly. Purchase because my VPS contain 25000+ malware. In activated one site plugin found 700+ infected files. The team fixed everything. In a time of several hours. Now...
View ArticleBlock Malware link?
Hi there, I’m looking for a way to block a specific malware link that’s being sent via our contact form using the free version of WPForms. We’ve now receive two emails from fake addresses claiming...
View Article.w3-cache appear on wp-content/uploads
W3-cache folder Automatically appear on wp-content/uploads. If i deleted the folder it comes again. I do not know how the folder appear. Note: i deleted w3 total cache plugin.
View ArticleCleantalk cleaned up what Sitelock wouldn’t.
I had 5 sites on my hostgator account and at some point one of them became comprimized with WP-VCD malware. It installed spam servers on every directory and infected every site with this resillient...
View Article.w3-cache issue
why W3-cache folder Automatically appear on wp-content/uploads. If i deleted the folder it comes again. I do not know how the folder appear. Note: i deleted w3 total cache plugin.
View Articlegoogle search result hacked
recently i got this issue in my website, the google search result shows i weird chinese text with name of a plugin named sonnox, i checked my plugins and no result for something unusual ,how i can...
View ArticleCFDB7 wordfence malware warning
I am up to date on WP and all plugins. I am getting this warning after a scan using Wordfence. Please advise. Thanks rtaffy Filename:...
View ArticleMalware warning for WooCommerce file
WP and all plugins are up to date. Using Wordfence scan produces this malware warning: Filename: wp-content/uploads/woocommerce_uploads/default-preparable.php File Type: Not a core, theme, or plugin...
View ArticleMalware issue
Hi Wordfence reported the following as malware: Filename: wp-content/class-wp-config-sys.php File Type: Not a core, theme, or plugin file from wordpress.org. Details: This file appears to be installed...
View ArticleMalware cleaned but came back
Hello, Thank you for this plugin that I deactivated for a while thinking I didn’t need it anymore until I was attacked. Anyway, after scanning my website with your plugin, it indeed found the malicious...
View ArticlePurchased site blocked
I was interested in purchasing this plug in for a project. Watched the videos and it seemed to have everything I needed. When I went to go click to buy, from here, and on their own website it gets...
View ArticleWhat is file suffix Malware?
Hello, After upgrading to PHP 8, some websites stopped working due to malware that used a undefined function. Fortunately, I solved it by simply deleting the code. (see here) However, files that have a...
View ArticleStrange changes to WooCommerce store
Hi everyone, I run a WooCommerce store, and after updating plugins on my site, I’ve noticed some strange changes. For one, there was a global product price discount of $1 applied across my entire...
View ArticleDoes WF Scan Uploaded Files? (All Types)
Good Day! As confirmed in this post, Wordfence scans uploaded files for malware. Our question is: Are there any Wordfence scanning limitations that we should be aware of? Specifically, are there any...
View ArticleMalware or something on my website
On the cart/myaccount pages and etc, there is a popup element to enter card information that does not tie into my payment processor (Square). I have not made any changes to the website in a long time...
View ArticleAdmin email randomly changed. No malware found
My buddy just noticed that the admin email was changed for many sites (but not all) within his network. The new email address was random characters at some strange domain. Our host ran a scan and found...
View Articlesecurity issue shows Nicename no workaround
this is a huge loophole for hackers it shows the Nicename you could try and explain to users how to change this, but it should not show it at all,
View Article