Tagged: ,

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #840797

    I’m using Enfold a long time (V4.1.2 today) and everything is fine so far.

    Today I received an security related email generated by the WP plugin “Shield” from iControlWP:

    Shield detected files on your site which are not recognised.
    This is part of the Hack Protection module for the WordPress Unrecognised File Scanner. [Weitere Informationen]

    Site Home URL – http://mysite.com/zzz
    The following files are considered “unrecognised” and should be examined:

    – /var/www/zzzzz/html/zzz/wp-admin/theme-uploader.php
    – /var/www/zzzzz/html/zzz/wp-admin/includes/upgrade.php.orig
    – /var/www/zzzzz/html/zzz/wp-admin/plugin-uploader.php
    – /var/www/zzzzz/html/zzz/wp-admin/uploader/upload.php
    – /var/www/zzzzz/html/zzz/wp-admin/uploader/pclzip.lib.php
    – /var/www/zzzzz/html/zzz/wp-includes/functions.php.new2
    – /var/www/zzzzz/html/zzz/wp-includes/functions.php.orig

    You should review these files and remove them if required.
    You can now add these file names to your exclusion list to no longer be warned about them.
    Alternatively you can have the plugin attempt to delete these files automatically. [Weitere Informationen]

    As an Android developer I have little to no knowledge of the website specific functionalities and would like to know if any of those recommended removals would break anything in my Enfold.

    ———————–
    EDIT:
    After some research I found out that this is most propably caused by the webhoster platform Plesk.
    Deleting the files didn’t break anything on my site.
    The files
    ../wp-admin/includes/upgrade.php.orig
    ../wp-includes/theme-uploader.php
    appeared again the next day,

    The Shield plugin now offers a way to exclude trusted files from scan via “Hack Protection” – “Unrecognised Files Scanner” – “File Exclusions”

    • This topic was modified 7 years, 3 months ago by rallef.
    #841128

    Hey rallef,

    Files that end in something other than .php looks very suspicious:

    – /var/www/zzzzz/html/zzz/wp-admin/includes/upgrade.php.orig

    I would recommend that you download a fresh copy of WordPress and compare the original with your site. I would simply replace the files listed with a fresh copy and delete the files which shouldn’t be there.

    Best regards,
    Rikard

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.