Title: theme.php
Last modified: August 30, 2016

---

# theme.php

 *  Resolved [hotconductor](https://wordpress.org/support/users/hotconductor/)
 * (@hotconductor)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/themephp/)
 * We have noticed a trend where sites, even with Wordfence and all plugins/themes
   updated, still occasionally are succeptible to a theme.php hijack. Is there a
   way to lock down that file so that it cannot be injected? Thoughts?
 * [https://wordpress.org/plugins/wordfence/](https://wordpress.org/plugins/wordfence/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [WFBrian](https://wordpress.org/support/users/wfbrian/)
 * (@wfbrian)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/themephp/#post-6837742)
 * Hi,
 * Sounds like there is still a backdoor somewhere if the same file keeps getting
   changed. Are you on a shared server? Is there an uploads directory? There could
   be something left in the database being used as a backdoor.
 * Here is our documentation on cleaning a site.
 * [https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/](https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/)
 * -Brian
 *  Thread Starter [hotconductor](https://wordpress.org/support/users/hotconductor/)
 * (@hotconductor)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/themephp/#post-6837746)
 * Dedicated server for all of our sites. Permissions are correct on folders etc.
   I am sure there is a backdoor, just trying to figure out why Wordfence doesn’t
   seem to be protecting sites from theme.php injections. I just get a notice afterwards.
   Good to get the notice ofcourse, but I was wondering if there was a way to harden
   the file so that it is more difficult to inject.
 *  Plugin Author [WFMattR](https://wordpress.org/support/users/wfmattr/)
 * (@wfmattr)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/themephp/#post-6837843)
 * I think you have been in contact with us on our premium support site, so I am
   closing this request. Let us know if not. Thanks!
 * -Matt R

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘theme.php’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

 * 3 replies
 * 3 participants
 * Last reply from: [WFMattR](https://wordpress.org/support/users/wfmattr/)
 * Last activity: [10 years, 5 months ago](https://wordpress.org/support/topic/themephp/#post-6837843)
 * Status: resolved