Security Issue

  • Hi

    I have run a WORDFENCE SCAN and appear to have an issue with some suspicious activity. The problem is I now do not know what to do to get rid of it? Wordfence will not allow me to delete the file through their software. Could someone guide me through the steps to remove this issue?

    This is the report from WORDFENCE

    Filename: /var/www/web/.stats/agent_202009.html

    File Type: Not a core, theme, or plugin file from www.ads-software.com.

    Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: cat /etc/passwd

    The issue type is: Backdoor:SH/passwdaccess.60
    Description: Theft of server password information. Also sometimes seen in a backdoor known as Liz0ziM

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)

  • You can use something such as FTP to log into the directory and delete the file manually. It might also be worth having a look to see what might have happened or if it has falsely flagged up.

Viewing 1 replies (of 1 total)
  • The topic ‘Security Issue’ is closed to new replies.