How do you detect malicious files?

  • Resolved olex_romt

    (@tigrokon)


    2 years, 5 months ago

    Hello,

    I’m considering your plugin as a security solution for my website.

    One of your features is a Malware Scanner. Can you clarify how you detect them? If it’s a database of malware signatures can it be efficient against modified malware files?

    Also can you clarify whether you use any third-party service for such detection? I mean will my files be uploaded to third-party?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfmark

    (@wfmark)

    2 years, 5 months ago

    Hi @tigrokon, thanks for reaching out.

    The Wordfence security team constantly updates an extensive database of malware vulnerabilities and uses this database to create malware signatures. With these signatures, Wordfence conducts regular malware scans to identify attacks from human hackers or bots.  The scan looks at all your WordPress files and your website’s posts, comments, and pages to determine if an attack has occurred. If the scan identifies malicious code or a backdoor attack, you’ll get an alert when you log in to your website’s dashboard. If you prefer, Wordfence can send you an email notification about any security issues it identifies during a scan.

    Our team writes detection signatures for new malware variants and regularly deploys those signatures to your Wordfence installation, giving you the ability to detect even the newest malware. Our malware signatures are used by your firewall to prevent hackers from uploading malware, and they are used by your Wordfence scanner to detect any malware in your filesystem.

    The security scanner included with the free version of Wordfence alerts you when your site is running vulnerable or outdated plugins, themes, or core files. Additionally, our scanner compares your core files, themes, and plugins with known clean versions in the WordPress.org repository. It checks their integrity and allows you to repair changed files by reverting them to a pristine, original version. The Wordfence scanner also scans file contents for malware, bad URLs, backdoors, SEO spam, malicious redirects, and code injections, allowing you to delete malicious files. Wordfence-free users receive signatures to detect new malware 30 days after they are released to our premium customers.

    I hope this helps. Let me know if you have any further questions.

    Thanks,

    Mark

    Thread Starter olex_romt

    (@tigrokon)

    2 years, 5 months ago

    Hi Mark,

    Thank you for the detailed response and information you provided. You didn’t mention ‘third-party’ topic in your response. So let me repeat the part from my original message:

    Can you clarify whether you use any third-party service for such detection? I mean will my files be uploaded to third-party?

    Best,

    Tig

    Plugin Support wfmark

    (@wfmark)

    2 years, 5 months ago

    Hi @tigrokon, thanks for getting back to us.

    Wordfence is a localized firewall that stays on your web server to perform server-side scans at a deeper level.

    Wordfence scans the files that are uploaded on your web server. Your files will not be shared with any third parties.

    Thanks,

    Mark

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘How do you detect malicious files?’ is closed to new replies.