WordPress.org

Ready to get started?Download WordPress

Forums

WebsiteDefender WordPress Security
[resolved] Backdoor script detected in WD root file (5 posts)

  1. Treebeard
    Member
    Posted 1 year ago #

    I scanned using the Anti-Malware plugin, and it detected the WD file that's in the website's root directory (php file) as being a Backdoor script? I checked the file on the server and compared it to the original one I downloaded from WD, and nothing's changed. So is that file actually a backdoor then? The entire file shows as a backdoor, not just a specific line or anything.

    http://wordpress.org/extend/plugins/websitedefender-wordpress-security/

  2. WebsiteDefender
    Member
    Plugin Author

    Posted 1 year ago #

    Hello, malawimama

    thank you for showing interest in our plugin.
    However, the results you have got using that plugin are not correct, our plugins are secure and there is just no way any of them can be marked as backdoors.

    My suggestion is to find another (and better) malware scanner than just a plugin...

    Regards,
    WSD

  3. Treebeard
    Member
    Posted 1 year ago #

    Thanks WSD. I wouldn't have posted a message here if I wasn't worried. I never trust only 1 source, the original detection came from a website called Sucuri, that's when I checked using a plugin and that's where it was more specific in listing it as a backdoor script, so I'm not saying your script is actually a problem, for all I know, the files could have been corrupted somehow, I wouldn't know since I'm not a hacker, but maybe it's possible the files were hacked. Who knows. I just wanted to bring it to your attention.

  4. WebsiteDefender
    Member
    Plugin Author

    Posted 1 year ago #

    Hello, Treebeard

    Thank you for your feedback, but the original file cannot be marked as a backdoor because it isn't one, and if files got somehow modified then that's very unfortunate because it means the website got somehow hacked, so I suggest you change your passwords and reinstall wordpress from scratch (and you should check the database also).

    Regards,
    WSD

  5. ColinCook
    Member
    Posted 8 months ago #

    Strangely, following a hack of the servers hosting my website it seems most of the sites on there were then compromised including mine.

    Access to my site appears to be via a vulnerability in (crazily) a security plugin!

    I am now totally unable to access my own wordpress install and the error given when I try is

    Fatal error: Cannot redeclare __hideFooterVersion() (previously declared in /home/colincoo/public_html/wp-content/plugins/secure-wordpress/res/inc/SwpaSecurity.php:41) in /home/colincoo/public_html/wp-content/plugins/wp-security-scan/res/inc/WsdSecurity.php on line 41

    I am currently changing hosting company and then can re-upload a hopefully clean site.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.