Modified Theme Files

  • melmcdonald2

    (@melmcdonald2)


    8 years, 5 months ago

    Hi. I have Wordfence installed for security and after a scan it has come back with changes to my Sugar & Spice theme files and suggests I may have been hacked.

    I need to know whether you have made these changes to the theme in the last day or so?
    It looks like it’s the header & footer php, and the style. css.

    if the changes were made by you then please note the message below from Wordfence.

    Wordfence have asked me to ask are you aware that when you update the plugin that people download from WordPress, but the version number and changelog are not being updated, there are many different versions of calculated fields from the original version, hence the reason it is being flagged as insecure and possibly hacked by Wordfence. If you released official versions say every week or two, and updated the version number each time, then Wordfence would not flag these up as possible hacks, and as users we could follow the development of the plugin more closely.

    Thank you and I would appreciate it if you could let me know soon as if it wasn’t you then I need to explore other avenues.

Viewing 1 replies (of 1 total)
  • CrouchingBruin

    (@crouchingbruin)

    8 years, 5 months ago

    The last time a new version the Sugar and Spice was release was over a year ago (Oct. 1, 2014), so if WordFence is detecting a difference, then I would probably go ahead & re-install the theme. However, you have to make sure that WordFence isn’t flagging the changes that you might have made to the theme files. That is, I’ve seen many people make changes to the theme files in order to customize their site, which is the incorrect way to modify a theme. Instead of making changes directly to theme files, you should create a child theme and make changes to a copy of the theme files.

Viewing 1 replies (of 1 total)
  • The topic ‘Modified Theme Files’ is closed to new replies.