Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • February 13, 2017 at 3:04 pm #746428
    lanelee

    Alert generated at Saturday 11th of February 2017 at 08:10:20 AM
    Critical Problems:
    * File contains suspected malware URL: /home1/toledobl/public_html/reach2/wp-content/themes/enfold 2/config-templatebuilder/avia-template-builder/php/html-helper.class.php

    It says it links to http://www.link.at ? That site is Blacklisted on Google I guess?

    February 13, 2017 at 5:27 pm #746533
    wilsongrant

    I got the same alert…..

    February 13, 2017 at 5:30 pm #746534
    Yigit

    Hey!

    Please update Enfold to the latest version 3.8.5 – http://kriesi.at/documentation/enfold/updating-your-theme-files/ and flush browser cache and refresh your page a few times – http://wiki.scratch.mit.edu/wiki/Hard_Refresh

    I am quoting Kriesi’s response on the issue

    I will explain in a little more detail so you do understand whats going on here. First of all: Basilis is right. There is no security risk at all. Its a false positive.

    In the file that is mentioned by Wordfence and other security tools (enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php) we got a php comment that explains what one of the functions does. The comment says:

    //fallback for previous default input link elements: convert a http://www.link.at value to a manually entry

    The link that is posted in that file is a generic placeholder for any link used. What we did not know is that actually someone was using the domain “link.at”. Apparently this domain got hacked now and is blacklisted. And this is why Wordfence thinks that the theme has a problem, because there is a link to a hacked domain.

    However: This link is located in a php comment (its not an actual html link) which will never be displayed anywhere, can not be clicked, can not be used at all. It simply a line of non executable text. We will remove this text with the next update, however there is nothing you or your team need to do to your clients servers, theme files or whatnot since

    a.) there is no actual problem, just a false positive
    b.) you can fix the false positive by removing that single comment line

    We will release a small fix for this issue to prevent any further confusion about it. But to be clear once again: this can not be used to hack anyone or anything. It’s a false positive and if you think your site has been hacked its certainly not because of this. (I would also doubt that its because Enfold in general, because there are no known issues with the theme but if you think you have evidence that the opposite is true please share it so we can investigate the issue)

    Regards,
    Yigit

    February 14, 2017 at 5:47 pm #747013
    lanelee

    I assumed it was maybe something like that but, wanted to be sure! Thanks

    February 14, 2017 at 5:52 pm #747017
    Yigit

    Hey!

    You are welcome!

    For your information, you can take a look at Enfold documentation here – http://kriesi.at/documentation/enfold/
    And if there are features that you wish Enfold had, you can request them and vote the requested ones here – https://kriesi.at/support/enfold-feature-requests/
    For any other questions or issues, feel free to post them here on the forum and we will gladly try to help you :)

    Best regards,
    Yigit

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • The topic ‘Wordfence Critical Issue with Enfold theme file?’ is closed to new replies.