pattycake22

I’m about ready to agree with you there – I’m reviewing logs and it appears they might have gained access thru cpanel, bypassing the normal wordpress login and security features. I’m reviewing the logs now. Will know more better. Actually relieved that it is possible that they came in thru cpaneel – was thinking that Wordfence might have failed me. Feeling better now about Wordfence

alerts configured correctly…. looks like something when fubar because the site just got hacked – I posted a new message about it. btw: No alert on a failed or successful login from the hack

> Would it be possible to head over to global options and send me a screenshot of the alerts settings?Thanks

A screen shot won’t capture that page – it would be about 2 screen shots but, I have everything checked on except the first item
Email me when Wordfence is automatically updated. If you have automatic updates enabled (see above), you’ll get an email when an update occurs.

Site is https://starkfutureusa.com

Warning – Getting the red alert page from google that the site is dangerous – it’s a result of the recent hack that I ended up wiping the entire site and starting over – hence the installation of Wordfence..  It’s not malicious anymore, but I’m guessing it was from due to hack that led me to Wordfence.  Not sure how long I have to wait until that message goes away.

Btw:  Error logs being created with alerts about wordfence: three entries today –

[23-Mar-2023 19:03:46 UTC] Cron reschedule event error for hook: wordfence_ls_ntp_cron, Error code: could_not_set, Error message: The cron event list could not be saved., Data: {“schedule”:”hourly”,”args”:[],”interval”:3600}

[23-Mar-2023 23:52:37 UTC] Cron reschedule event error for hook: action_scheduler_run_queue, Error code: could_not_set, Error message: The cron event list could not be saved., Data: {“schedule”:”every_minute”,”args”:[“WP Cron”],”interval”:60}

[23-Mar-2023 23:52:37 UTC] Cron reschedule event error for hook: wordfence_ls_ntp_cron, Error code: could_not_set, Error message: The cron event list could not be saved., Data: {“schedule”:”hourly”,”args”:[],”interval”:3600}

• This reply was modified 1 year, 8 months ago by pattycake22.
• This reply was modified 1 year, 8 months ago by pattycake22.

Most are saying: “blocked by the Wordfence Security Network”

Check that – ALL of them are showing that

Question 1. Does that mean that the login was checked against a database being maintained by Wordfence?

Question 2. Last question – I get a gob of alerts, all as requested. But I don’t get an alert on a login that was blocked. Is there a setting I missed so I can get alerts on all blocked logins?

• This reply was modified 1 year, 8 months ago by pattycake22.
• This reply was modified 1 year, 8 months ago by pattycake22.
• This reply was modified 1 year, 8 months ago by pattycake22.

I have cleaned the site, have installed wordfence and securi, and already had backups being scheduled and made but, the malware keeps coming back – I have to think it’s in one of the cron entries. How do I see the exact code that is being run in each cron entry?