Why my wordpress blog files are getting changed?

It’s really hard to give you a 100% solid answer, because there is not much info in your question, but… Let me do some educated guesses…

The files that are mentioned in your question are very often used by attackers to put some malware code. Why? Almost all WP sites have these files. Most of sites don’t block access to these files, so after infecting them it’s easy to run malware code on the server.

Why does it happen over and over again?

If it is really an infection, then it’s pretty clear why does it come back. I assume that you get original files from GIT and put them on server. It solves the problem. At least the visible part of it – files are original again.

But… The cause of the problem is still on the site/server. If anyone was able to modify these files, then replacing them with original ones won’t block that possibility. Most probably there is some backdoor placed on your site, or some hidden admin account or one of your plugins/themes is vulnerable…

Why Wordfence doesn’t protect my site?

Because it is impossible for plugin to protect site that is already infected. Wordfence is just a plugin. If attacker is able to modify WP core files, then he can do whatever he wants with your site (he can disable plugins, change their behavior and so on; few years ago I’ve shown how easy it is to infect site with only few lines of code and make Wordfence to show “You are secure, you are secure” in it’s log).

So what should I do now?

  1. Take a look at these modified files and check what are the changes.
  2. If the site is infected, you’ll have to remove all infected files, backdoors, hidden users. Then check for vulnerabilities in plugins/themes you’re using on that site and repair all of them. At the end you should harden your site properly (and get rid of Wordfence, since it doesn’t do much, to be honest).

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)