The VaultPress premium and enterprise plans include daily security scanning, and in many cases, one-click fixers. On this page, you’ll learn about some of the more common threats, and how to address them. If you have any questions, drop us a line.
Changes to Core WordPress Files
VaultPress checks your WordPress installation to see if any core files have been changed or deleted. Changes to these files should be reviewed for suspicious code.
You can click on the blue “Changed” button to show the changes that were made to the file. If you didn’t make the changes, you should consider the file suspicious. If you’re unsure of the changes you see, you can always contact us.
Web-based shells give an attacker full access to your server — allowing them to execute malicious code, delete files, make changes to your database, and more.
Shells are usually found in files, and can be removed by deleting the file from your server, and replacing the file with a clean version from your backup. If you don’t have a clean backup, or have any questions about removing shells, drop us a line.
TimThumb is a popular plugin that allows users to resize images on the fly. Older versions of TimThumb may include a vulnerability that allows third parties to upload and execute malicious code in the TimThumb cache directory.
The simplest way to repair this vulnerability is to update all copies of TimThumb to the latest version. Alternatively, you could delete all copies of TimThumb from your server. Deactivating a theme or plugin which uses TimThumb does not fix the vulnerability.
If you have any questions about security threats or suspicious code, you’re always welcome to contact us.