Deletable Item

  • Resolved belvinip

    (@belvinip)


    6 years, 6 months ago

    Hi,

    Current Wordfence has define a lot of malicious file from my website. I am not sure if they are safe or not, but if there is no harm to delete them , i would like to do so.

    There is a button of “Delete all Deletable Item”

    View post on imgur.com

    May i know what is part of Deletable Item? is it possible that it will effect my website after i delete those file?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter belvinip

    (@belvinip)

    can someone help plz

    @belvinip, the “Delete all Deletable Item” button can be used to bulk delete malicious files that were detected in the scan, but there is a big caveat to deleting these files. I think the tool was designed to bulk delete non WordPress related files.

    There is no way to account for any custom or premium themes and plugin you may have installed so there is the chance that those files could not be recovered if they were accidentally deleted using the “Delete all Deletable Item” button.

    If you do not see any files associated with premium themes or plugins, you are likely safe to use the bulk delete and clean the site.

    Thread Starter belvinip

    (@belvinip)

    Ic.

    How can i check what is the reason and how those malicious php code has been injected to my wedsote?
    I am using a lot of security login plugin, dokt be very easy to be hacked

    Wordfence protects against a vast variety of attacks. Whether you were hacked because of an unknown attack method or because there is some other issue in your system is hard to say. Some plugins contain vulnerabilities that are so bad that no one catches them. The same goes for servers.

    Regarding how they gained entry, here are some possible scenarios:

    • Are there other sites hosted on the same hosting account? If so, they could have been infected and spread the infection to this site
    • You may be using a plugin or theme with a vulnerability that is new or unknown and hasn’t had a rule added for it yet
    • Your wp-config.php file is readable to the hacker, either directly via your account, via a vulnerable plugin or via another hacked site on the same server
      The hosting accounts on the server are not properly isolated on the server so the hacker has access to your database via another user’s database
    • The server software has vulnerabilities that allow the hacker to get root access
    • You were actually hacked many months ago, but the backdoor was not activated until now

    Without actually looking at the site it’s next to impossible to tell. In your situation you have two choices

    1. You can clean the site yourself by following the steps in this guide. There are some good guides in our free learning center in section three and a guide to cleaning the site with Wordfence Free found here.
    2. You can hire someone to clean the site for you. Wordfence offers this service but we do not discuss it in the forums (Email [email protected] for more information). You’re welcome to hire anyone you choose to do this.

    tim

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Deletable Item’ is closed to new replies.