I’d need to see a screenshot of your complete options page to b e sure. Some of my go to options are :
Scan for signatures of known malicious files
Scan file contents for backdoors, trojans and suspicious code
Scan options table
Scan files outside your WordPress installation
Scan image files as if they were executable
Disable Code Execution for Uploads directory
Also, you need to be scanning for core, themes, and plugins against the wordpress repository for changes.
I think Pharmahack was one of the things that the revslider exploit was used for. They have updated that plugin. If you had it bundled with the theme, then you need to get the theme developer to update his code. You need to update all themes and plugins, even if they are disabled.
Hope this helps.
tim
Thanks Tim, I am happy with the scan options, I think Wordfence is fantastic in that area. It was the settings to prevent hacks getting into the site I was after, if you can assist with the best settings to prevent a re-occurence I would appreciate it.
Thanks
Disable Code Execution for Uploads directory is a good one for this. Also, make sure all your plugins and themes are either updated or removed. Update them even if they are disabled because this is a major way for hackers to get in. Make sure WordPress is too.
I mentioned the revslider problem. Is that bundled with your theme?
tim
