Hacker Clean up Fun

  • foreverlearning

    (@foreverlearning)


    8 years, 1 month ago

    Hacker had a bit of fun with me yesterday. Did a restore from backup, then scanned with WordFence and got everything cleaned up with one exception. Wordfence points to an @include in the wp-config.php file but when I download and open up the file it’s clean. Any hints?
    Here’s what Wordfence says:
    (Filename: wp-config.php
    File Type: WordPress Configuration File
    Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: [removed by moderator from public forum]. The infection type is: A backdoor known as ico.)

    Thanks
    Dan

    • This topic was modified 8 years, 1 month ago by James Huff. Reason: hack code removed by moderator

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    8 years, 1 month ago

    Carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Pablo Silva

    (@bocha87)

    8 years, 1 month ago

    Look, just to be on the safe side 100%, and if this is the only file that the security plugin brought to your attention, grab a clean WordPress zip from the official page, unzip it somewhere, grab a clean wp-config and compare it against yours – if this line with the include is not in the original file, get ride of it. Do a backup first, and try to test in your local machine or a test environment first.

    One edge case that I’m thinking about, and there’s a low chance of this happening, is that your hosting provider might provide you with a tailored wp-config.php file, like WPEngine.com does, and your security plugin might be flagging it regardless.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    8 years, 1 month ago

    I’ve moved this out of Everything else WordPress to Fixing WordPress where the topic belongs.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Hacker Clean up Fun’ is closed to new replies.