Finding a lot of suspicious files inside a site

Hi,
I have support access on for baincil.org. I ran a security scan and it found several suspicious files, and I'm getting a lot of login lockout emails from Defender for this site. Can you please go in and clean/fix this?

Corn

  • Nithin

    Hi cornelius_butler,

    I noticed there are some suspicious files in there. I have cleaned most of the files, except the ones listed under:

    /wp-content/themes/AdvanceImage5/header.php
    /wp-content/themes/simppeli/inc/custom-header.php

    Other than these 2 files, the rest of the files listed are fine. These listed files are part of your themes, Advance Image5 and Simppeli. I tried to delete the header.php file via the Defender side, but it doesn't seem to get deleted for some odd reason; it could be related to permissions.

    Advance image 5 seems to be a custom theme? Is that created by you? Since I wasn't sure, I didn't go ahead with deleting the whole theme. I would recommend that you delete these themes and then re-install a new, updated theme version, which will clear all the suspicious code.

    I'm getting a lot of login lockout emails from defender for this site.

    You can enable 2FA, and Mask Login in Defender, under Defender > Advanced Tools, which should make sure the login lockouts are reduced.

    Please let us know if you have any further queries.

    Regards,
    Nithin
