WordPress sites getting compromised and Malware

[Rajesh Chauhan]

I have many websites built on WordPress by different customers, We have noticed mass compromisation on the sites by adding codes in the wp-config file. Even I have checked many accounts having suspicious files, Scanned with ClamAV it shows them as Malware but even after them, they come back after a few days.

 

[cPanelLauren]

Hi @Rajesh Chauhan


My assumption would be that you have a vulnerable plugin/theme/etc. on these sites that continues to allow the site to be compromised. Removing the data isn't really enough, you need to remove the source of the issue. They have an article that might be helpful for you here: Hardening WordPress « WordPress Codex

Thanks!

 

[Rajesh Chauhan]

Is there any module to analyze such vulnerable files or detect or protect them from the server end?

 

[cPanelLauren]

Hi @Rajesh Chauhan

As far as analyzing which plugins/themes/etc. may be vulnerable we don't provide anything of that nature though you may find a WordPress specific plugin that does this a quick google search should provide you with some useful results. ClamAV can identify malware already on the server but not which plugins you've installed on the Wordpress installation that may be vulnerable.

Thanks!

 

[Infopro]

Is there any module to analyze such vulnerable files or detect or protect them from the server end?

At the bottom of the link posted above by cPanelLauren are several suggestions, WordFence and Sucuri addons are two you might want to look into installing. Both have online website scanners as well I believe.
Hardening WordPress « WordPress Codex