Kevin
Where is that in relation to the Falcon code there. Before? After?
tim
@tim, yes I have got things back up and running, although it wasn't fun spending a whole day on it! Stupid hackers...
I'm definitely a lot more vigilant now about the plugins I install. It's sad, since a lot of plugins do such useful things...
Thanks for all your hard work on WordFence, ever since getting my sites back up it's the first plugin I installed. I didn't mean to imply in another thread that WordFence doesn't work well or it isn't effective, just that installing it after a site is already heavily compromised might be too late, and of course a site might be compromised through another backdoor besides WP
Is there a new issue with WP Super Cache plugin? I received a warning from Wordfence on two of my sites about a suspected malware URL in the readme.txt file. I wasn't using it and deleted the plugin.
Here's the text from the Wordfence scan:
File contains suspected malware URL: /wp-content/plugins/wp-super-cache/readme.txt
Filename: wp-content/plugins/wp-super-cache/readme.txt
Bad URL: (DELETED: I DON'T WANT TO SEND YOU THERE!)
File type: Not a core, theme or plugin file.
Issue first detected: 6 secs ago.
Severity: Critical
Status New
This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: (DELETED: I DON'T WANT TO SEND YOU THERE!) - More info available at Google Safe Browsing diagnostic page.
I followed the link to the Google Safe Browsing diagnostic page and there were current issues.
Karen
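The scan report above says the URL "may not be visible" because the scanner decodes base64 before matching. A minimal sketch of that kind of check, as an added example that is not Wordfence's code and not part of the original posts; the blocklist, domain names and sample texts are constructed:

```python
import base64
import binascii
import re
from urllib.parse import urlsplit

# Constructed blocklist standing in for a Safe Browsing style feed.
BLOCKLIST = {"malware.example"}

URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)
# Runs of base64 alphabet long enough to hide a URL.
B64_RE = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

# Constructed samples: a readme credit link and an encoded URL in code.
README = "== Credits ==\nBanner by http://credits.malware.example/contest\n"
HIDDEN = base64.b64encode(b"http://malware.example/load.js").decode()
ENCODED = '$u = base64_decode("' + HIDDEN + '");\n'


def decoded_layers(text):
    """Yield (label, text) for the raw text and each decodable base64 run."""
    yield "plain", text
    for match in B64_RE.finditer(text):
        blob = match.group(0)
        blob += "=" * (-len(blob) % 4)  # repair stripped padding
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # an ordinary long token or binary data, not hidden text
        yield "base64", decoded


def flagged_urls(text, blocklist=BLOCKLIST):
    """Return sorted (layer, url) pairs whose host is on the blocklist."""
    hits = set()
    for layer, content in decoded_layers(text):
        for url in URL_RE.findall(content):
            host = (urlsplit(url).hostname or "").lower()
            # Match the listed domain itself and any subdomain of it.
            if any(host == d or host.endswith("." + d) for d in blocklist):
                hits.add((layer, url))
    return sorted(hits)
```

A hit in the `plain` layer of a readme.txt is a visible link, such as a credit line; a hit in the `base64` layer is text a person reading the file would not see.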
Here are details from the Google Safe Browsing diagnostic page, with bad URLs removed.
Safe Browsing
Diagnostic page for BAD-SITE'S-URL
What is the current listing status for BAD-SITE'S-URL?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 492 pages we tested on the site over the past 90 days, 30 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-10-19, and the last time suspicious content was found on this site was on 2014-10-19.
Malicious software includes 32 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.
Malicious software is hosted on 9 domain(s), including (REMOVED).
2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including (REMOVED).
This site was hosted on 1 network(s) including AS22611 (IMH-WEST).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, BAD-SITE'S-URL appeared to function as an intermediary for the infection of 2 site(s) including (REMOVED).
I also received this on many sites.
Wordfence gave me this domain as the problem: designcontest dotcom. Is it the same for you?
From the thread below:
"The readme.txt can't be executed. It probably flagged one of the credit links at the end of the file. The plugin doesn't have any malware."
From:
https://wordpress.org/support/topic/malware-reported-in-wp-super-cache-readmetxt?replies=4
Exploits were the reason I installed it on the site I manage. They aren't fun and I'm pretty sure I was less than pleasant while I worked my way through the process of restoring everything. Hang in there, keep your plugins up to date, and hopefully we won't have to do this again. :)
tim
You can select to ignore if the plugin author says it is ok. If the warning is directed at a link in the file, I'd consider trying to update to a fresh copy. See if we still flag it as bad, then either ignore it or find another caching solution.
tim
So then what if a hacker changes the file on your server? It's not changed in the WordPress repository but it is on yours. What's in the repo is different than what is on your server. It's not a false positive because the file is different, even if the plugin author was just adding text or blank lines or whatever. If we didn't, then we wouldn't be doing our job.
tim
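The comparison described in the post above, as an added example that is not Wordfence's code and not part of the original thread: it hashes an installed plugin directory against a pristine copy of the same release and reports every difference. The directory layout and file names in `demo()` are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_tree(root):
    """Map each file's path relative to root to the SHA-256 of its bytes."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare_to_reference(installed_dir, reference_dir):
    """Classify installed files against a pristine copy of the same release."""
    installed = sha256_tree(installed_dir)
    reference = sha256_tree(reference_dir)
    report = {"modified": [], "unknown": [], "missing": []}
    for rel, digest in installed.items():
        if rel not in reference:
            report["unknown"].append(rel)    # not shipped in the release
        elif digest != reference[rel]:
            report["modified"].append(rel)   # any byte difference counts
    report["missing"] = sorted(set(reference) - set(installed))
    return report


def demo():
    """Build constructed sample trees in a temp dir and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        ref, inst = Path(tmp, "reference"), Path(tmp, "installed")
        for d in (ref, inst):
            d.mkdir()
            (d / "plugin.php").write_text("<?php // plugin code\n")
            (d / "readme.txt").write_text("== Description ==\n")
        # A single appended blank line is enough to change the hash.
        with (inst / "readme.txt").open("a") as fh:
            fh.write("\n")
        (inst / "extra.php").write_text("<?php // not in the release\n")
        (ref / "license.txt").write_text("GPL\n")
        return compare_to_reference(inst, ref)
```

The reference copy has to be the same version as the installed one, otherwise every file changed between releases shows up as modified.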
I had heard of someone who found 8 accounts in the database named "" and that's why I asked. It was a first for me. :)
Weird that they would show logout but not in. I am assuming you did a scan of the site afterwards, right?
tim
Hi,
I'm already using a cache plugin called hyper cache. Do I need to skip that plugin to use Wordfence now, because Wordfence has got its own caching feature?
I'm not sure about this.
Please guide.
Hello,
I'm trying to view the modifications done to files after I ran a scan, but I'm getting an api error.
Also, I have several sites running on a shared server, and actually noticed that Wordfence was scanning all files on the shared server, after it gave me a warning about a file having been modified, but not on the site the plugin was installed on but instead a site that was on our shared server.
So do we need to install Wordfence on each and every site within the shared server or only one?
@Hassan, you probably should have posted your own topic about your inquiry, as this thread has been marked solved already.
That said, to answer your question:
Hyper Cache has its own caching implementation, very different from the Falcon engine of Wordfence.
Choose only one.
@mark, thanks again
ok
@faospark
Thanks for the good advice faospark. As he mentioned, it's just like they said in Highlander. "There can be only one". Generally you never want to have two plugins performing the same function.
tim
Hi,
I'm already using a cache plugin called hyper cache. Do I need to skip that plugin to use Wordfence now, because Wordfence has got its own caching feature?
I'm not sure about this.
Please guide.
You don't need to use the caching function to use wordfence for security. Just don't enable caching. Or remove theirs and add ours. We don't recommend using two plugins for the same function since sometimes they step on each other's toes and cause issues.
tim
ok thanks!
If they are all subdomains under the same blog installation, then no. If they are separate domains, then yes, install it on each one. You are likely picking up the other sites files because you selected to scan files outside your wordpress folder on the server. This option is on the options page.
If you are still getting the api error, try checking the box on the options page that says 'disable config caching' near the bottom of the page.
Thanks!
tim
I did manage a website for a client but I no longer manage their WordPress site but had Wordfence registered with my email address. How can they change the email address to THEIRS? Uninstalling and reinstalling does not seem to eliminate the data and the same email seems to be active after a new install. Please advise how to change it!
Have them go to the options page and change it in the field marked "Where to email alerts". Keep in mind, wordfence allows for multiple emails, separated by commas, to be entered here, so they might have to make sure it's not in the list but "off screen".
tim