Does wordfence also scan the database?

  • Resolved Jules Colle

    (@jules-colle)


    5 years, 11 months ago

    It seems to me that Wordfence only scans files, is that correct? I would like to check my database for malicious JS patters (that could have been injected either directly, trough SQL-injection or via a PHP script). Is this possible?

Viewing 2 replies - 1 through 2 (of 2 total)
  • wfdave

    (@wfdave)

    5 years, 11 months ago

    Hi @jules-colle,

    Wordfence scans comments/posts (which are stored in the database) with the two options:

    – Scan comments for known dangerous URLs and suspicious content
    – Scan posts for known dangerous URLs and suspicious content

    However, it does not scan for malicious JavaScript already present in the database.

    Dave

    Thread Starter Jules Colle

    (@jules-colle)

    5 years, 11 months ago

    Thanks for the fast answer! Any suggestions/tips for scanning the database? I have this recurring problem on some websites where all pages redirect to a “Congratulations you won an iPhone!” page. WF scan always finds some infected PHP files, and after I clean them up, everything works fine again. I already changed all my passwords including DB. But problems seems to come back every now and then.

    I know this is out of scope of your support s I don’t expect an answer, just mentioning it here in the hope you or anyone with similar problems has some ideas.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Does wordfence also scan the database?’ is closed to new replies.