Title: Additional Files were inside Last modified: September 1, 2016 --- # Additional Files were inside * [spanizhfly](https://wordpress.org/support/users/spanizhfly/) * (@spanizhfly) * [9 years, 11 months ago](https://wordpress.org/support/topic/additional-files-were-inside/) * Hi, * I’m regular user of Ithemes for my site security. * Lately, my hosting company called me and said there some additional files which shooting out spam mails from my wordpress. When i check i notice there are additional folder which I cant recall the name with weird files in it. * Is there anything i left out to when i set up my ithemes or something to block additional files being insert into my wp installation. * Hope to hear from you, thanks * [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/) Viewing 3 replies - 1 through 3 (of 3 total) * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [9 years, 11 months ago](https://wordpress.org/support/topic/additional-files-were-inside/#post-7509374) * [@spanizhfly](https://wordpress.org/support/users/spanizhfly/) * According to the plugin FAQ: * > Will this plugin completely stop all attacks on my site? > - No. iThemes Security is designed to help improve the security of your WordPress > installation from many common attack methods, but it cannot prevent every > possible attack. Nothing replaces diligence and good practice. This plugin > makes it a little easier for you to apply both. * Make sure to use the **File Change Detection** feature to monitor (possibly malicious) changes to your WordPress install footprint. * dwinden * Thread Starter [spanizhfly](https://wordpress.org/support/users/spanizhfly/) * (@spanizhfly) * [9 years, 10 months ago](https://wordpress.org/support/topic/additional-files-were-inside/#post-7509473) * Thank you dwiden and appreciate your reply. * I know FAQ part, i was just curious. * I needed an idea or solutions, that is the reason i’m here. * I’ve turn ON the file detection, doesn’t show that the folder has been inserted. * Any other idea? * Thank you dwinden once again * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [9 years, 10 months ago](https://wordpress.org/support/topic/additional-files-were-inside/#post-7509489) * [@spanizhfly](https://wordpress.org/support/users/spanizhfly/) * If you turn on the **File Change Detection** feature AFTER your site got infected it will not detect the file changes. * For the **File Change Detection** feature to notice the site infection it needs to be turned on BEFORE infection. * You have several options. * You can restore a site backup which you know is not infected. But you will also need to figure out which vulnerability was used to infect the site and then fix it. Otherwise the infection may return. * Run your site through an online malware scanner like [Sucuri SiteCheck](https://sitecheck.sucuri.net//). It won’t remove the malware, but it will help identify which malware infected the site. And that information may help you with cleaning the site. * Note malware scanners do not always detect all malware. * dwinden Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Additional Files were inside’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 3 replies * 2 participants * Last reply from: [dwinden](https://wordpress.org/support/users/dwinden/) * Last activity: [9 years, 10 months ago](https://wordpress.org/support/topic/additional-files-were-inside/#post-7509489) * Status: not resolved