{"id":4947,"date":"2023-10-06T09:00:09","date_gmt":"2023-10-06T15:00:09","guid":{"rendered":"https:\/\/www.whitefirdesign.com\/blog\/?p=4947"},"modified":"2023-10-05T18:44:49","modified_gmt":"2023-10-06T00:44:49","slug":"wordfence-security-daily-malware-scans-are-not-the-way-to-clean-up-a-malware-infection-of-a-wordpress-website","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2023\/10\/06\/wordfence-security-daily-malware-scans-are-not-the-way-to-clean-up-a-malware-infection-of-a-wordpress-website\/","title":{"rendered":"Wordfence Security Daily Malware Scans Are Not the Way to Clean Up a Malware Infection of a WordPress Website"},"content":{"rendered":"<p>If your WordPress website has been hacked and contains malware, a common suggestion for cleaning it up is to use the Wordfence Security plugin. There are a number of problems with that. One being that it won&#8217;t necessarily catch all the malware, as someone looking for help with the plugin recently <a href=\"https:\/\/wordpress.org\/support\/topic\/wordfence-stopped-detecting-the-creation-of-new-folders\/\">noted<\/a>:<\/p>\n<blockquote><p>Hello, I\u2019m using the free version and I\u2019m doing daily scans because my site has a malware. At some point the scan did not detect some new folders that have been created in the root folder.<\/p>\n<p>The folders has some random characters as an name and it contains an index file and a cache folder.<\/p><\/blockquote>\n<p>The larger problem with what they were bringing up there is that if you had cleaned up the malware, there wouldn&#8217;t even be more malware to possibly detect day after day. So something has gone wrong there.<\/p>\n<p>If there is malware on a WordPress website, the focus shouldn&#8217;t be on removing the malware, though it does need to be removed. It should be how it got there, which is something that Wordfence Security can&#8217;t determine. When the plugin removes the files without determining that, it makes it harder to figure out.<\/p>\n<p>Another important reason for trying to figure out how the website was infected, which have seen over and over in years of being brought in to <a href=\"https:\/\/www.whitefirdesign.com\/services\/hacked-wordpress-website-cleanup.html\">re-clean hacked WordPress websites<\/a>, is that in doing the work to try to figure out how the website was hacked, you often find malware or other malicious code that otherwise would have been missed.<\/p>\n<p>Figuring out how the malware got there in the first place or at least stopping it from getting back in basic part of a proper hack cleanup, but something that many security providers, including <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2023\/09\/29\/wordfence-care-failed-to-resolve-reoccurring-malware-issue-on-wordpress-website\/\">the developer of Wordfence Security<\/a>, either don&#8217;t do or fail to accomplish.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If your WordPress website has been hacked and contains malware, a common suggestion for cleaning it up is to use the Wordfence Security plugin. There are a number of problems with that. One being that it won&#8217;t necessarily catch all the malware, as someone looking for help with the plugin recently noted: Hello, I\u2019m using &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2023\/10\/06\/wordfence-security-daily-malware-scans-are-not-the-way-to-clean-up-a-malware-infection-of-a-wordpress-website\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Wordfence Security Daily Malware Scans Are Not the Way to Clean Up a Malware Infection of a WordPress Website&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,3],"tags":[],"class_list":["post-4947","post","type-post","status-publish","format-standard","hentry","category-website-malware","category-wordpress"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4947","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=4947"}],"version-history":[{"count":1,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4947\/revisions"}],"predecessor-version":[{"id":4948,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4947\/revisions\/4948"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=4947"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=4947"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=4947"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}