Hi,
Sounds like there is still a backdoor somewhere if the same file keeps getting changed. Are you on a shared server? Is there an uploads directory? There could be something left in the database being used as a backdoor.
Here is our documentation on cleaning a site.
https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
-Brian
Dedicated server for all of our sites. Permissions are correct on folders etc. I am sure there is a backdoor, just trying to figure out why Wordfence doesn’t seem to be protecting sites from theme.php injections. I just get a notice afterwards. Good to get the notice of course, but I was wondering if there was a way to harden the file so that it is more difficult to inject.
I think you have been in contact with us on our premium support site, so I am closing this request. Let us know if not. Thanks!
-Matt R