WordPress.org

Support

Support » Plugins and Hacks » [Resolved] Backdoor script detected in WD root file

[Resolved] Backdoor script detected in WD root file

  • Treebeard
    Participant

    @malawimama

    I scanned using the Anti-Malware plugin, and it detected the WD file that’s in the website’s root directory (php file) as being a Backdoor script? I checked the file on the server and compared it to the original one I downloaded from WD, and nothing’s changed. So is that file actually a backdoor then? The entire file shows as a backdoor, not just a specific line or anything.

    http://wordpress.org/extend/plugins/websitedefender-wordpress-security/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author WebsiteDefender
    Member

    @websitedefender

    Hello, malawimama

    thank you for showing interest in our plugin.
    However, the results you have got using that plugin are not correct, our plugins are secure and there is just no way any of them can be marked as backdoors.

    My suggestion is to find another (and better) malware scanner than just a plugin…

    Regards,
    WSD

    Treebeard
    Participant

    @malawimama

    Thanks WSD. I wouldn’t have posted a message here if I wasn’t worried. I never trust only 1 source, the original detection came from a website called Sucuri, that’s when I checked using a plugin and that’s where it was more specific in listing it as a backdoor script, so I’m not saying your script is actually a problem, for all I know, the files could have been corrupted somehow, I wouldn’t know since I’m not a hacker, but maybe it’s possible the files were hacked. Who knows. I just wanted to bring it to your attention.

    Plugin Author WebsiteDefender
    Member

    @websitedefender

    Hello, Treebeard

    Thank you for your feedback, but the original file cannot be marked as a backdoor because it isn’t one, and if files got somehow modified then that’s very unfortunate because it means the website got somehow hacked, so I suggest you change your passwords and reinstall wordpress from scratch (and you should check the database also).

    Regards,
    WSD

    Strangely, following a hack of the servers hosting my website it seems most of the sites on there were then compromised including mine.

    Access to my site appears to be via a vulnerability in (crazily) a security plugin!

    I am now totally unable to access my own wordpress install and the error given when I try is

    Fatal error: Cannot redeclare __hideFooterVersion() (previously declared in /home/colincoo/public_html/wp-content/plugins/secure-wordpress/res/inc/SwpaSecurity.php:41) in /home/colincoo/public_html/wp-content/plugins/wp-security-scan/res/inc/WsdSecurity.php on line 41

    I am currently changing hosting company and then can re-upload a hopefully clean site.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Resolved] Backdoor script detected in WD root file’ is closed to new replies.