Can defender detect bad domain or link and malware?

I am trying to figure out how this script appears on my website files <link rel='dens-prefetch' href='//coinhive.com' /> will Defender plugin able to detect this kind of issue? coinhive is known to be a Crypto Miner. Am I overthinking this ? should I just ignore it? I have googled about coinhive, I see nothing but bad reviews. Will Defender plugin able to detect this kind of issue? Is this considered an issue? same question referring to the attached pic. Would Defender plugin be able to detect this ? Few days back my site was compromised and had some scripting that would redirect my users to other websites

  • Alvin
    • Design Lord, Child of Thor

    UPDATED

    Just want to update you all with my findings. I have manage to locate the source of the file that was calling that script. Thanks to this plugin Wordfence

    I highly recommend this plugin since I have tried several other plugins that did not manage to detect this error/virus/problem. Maybe WPMUDEV should take a look at this plugin & maybe try to incorporate some of its feature to Defender ? Thanks to the support team for being helpful regarding my case since this can be considered out of their job scope, but hey, maybe we can both learn something from this. Knowledge is power. Will mark this as resolved as soon as I finish cleaning up my compromised files. Currently I am half way done. The only downside with this plugin is, it do consume quite alot of memory resources.

  • Nastia
    • Support Rock Star

    Hello Alvin

    Hope you're doing well!

    Glad that your question is answered in live support chat. Just in case if our member looking for an answer, sharing it in here; the Defender can detect malware only if it is injected into Wordpress core PHP files. If the malware is added to css or js files, I am afraid these are undetectable by a plugin.

    Hope this helps!

    Cheers,
    Nastia

  • Nastia
    • Support Rock Star

    Hello Alvin

    The Defender plugin was planned and developed this way, it only checks the WP core signatures and detected changes within the WordPress core files. If the Malware file has a php extension the Defender can catch it.

    The Defender is created to prevent malware/php injection by hardening the site's core files and adding protection layers.

    Have a nice day and take care!

    Cheers,
    Nastia

  • Alvin
    • Design Lord, Child of Thor

    Hi Nastia,

    Will there be any plans in the future that WPMUDEV will be upgrading their plugin so that it will really live up to its name Defender. or maybe renaming it as DefenderPHPextension? Currently I dont see that plugin on the Product Roadmap. Just notice that the dropdown at the top right hand side doesnt have the roadmap link.

  • Dimitris
    • Support Star

    Hello there Alvin,

    hope you're doing good today! :slight_smile:

    Defender is a constantly developed plugin of ours and it's included in our roadmap page of course:
    https://premium.wpmudev.org/roadmap/
    (you can find the "Product Roadmap" link in our site's footer links)

    As for updating the file scanner module of Defender, there have been some thoughts for that (you can also add your own request by using this form in our Features&Feedback section of Support forums), but that will require most probably some more manpower and resources, so we could have some better malware definitions on our own, just like Wordfence has, and that would make us check signatures of plugins/themes to see if they've been modified...

    Hope that clarifies things better! :slight_smile:
    Have a good one,
    Dimitris

  • Alvin
    • Design Lord, Child of Thor

    Opps... my bad regarding the plugin wasn't in the roadmap. Hope to see Defender in future having this kind of feature. I believe that it would make more people consider in joining WPMUDEV with this kind of plugin at their disposal. Nevertheless, keep up the good job. Thanks for the info.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.