protect.php file already in use

Hi there,

I am the current web administrator of the website http://www.rocknrollchorus.com . I recently received an email from the hosting provider notifying me that malicious files have been found on my site. I have since deleted said files, and downloaded Wordfence. I have scanned the site, and deleted any additional files that the plugin has identified as malicious. I am now in the process of attempting to enable the Wordfence Web Application Firewall, and recieved the following blurb of text

The Wordfence Web Application Firewall is designed to run via a PHP ini setting called auto_prepend_file in order to ensure it runs before any potentially vulnerable code runs. This PHP setting is currently in use, and is including this file:

/var/chroot/home/content/protect.php

If you don’t recognize this file, please contact us on the WordPress support forums before proceeding.

I personally don’t recognize this file, although I’m not sure what the administrator before me had set up, I’d like to be certain that I’m not messing anything up.

Additionally, I wanted to verify that all I needed to do to rid my website of malware was to run the scan and delete all infected files, and restore the htaccess file to its original state. I am trying to get the individuals in charge of this group to spend on a Wordfence cleanup/premium membership pack, but I’m not sure if it’s going to happen, they’re rather reluctant to spend money.

• This topic was modified 9 years, 2 months ago by rnrc.
• This topic was modified 9 years, 2 months ago by rnrc.