.backup_time

  • Resolved ed

    (@wesleysoccer)


    9 years, 7 months ago

    So I’m clearly getting hacked on some of my wp files and the sucuri plugin is finding the hacked files which is great. The only issue I can see is when I try to delete the .backup_time it will not delete…keeps coming back in the dashboard (I also can’t find this file via ftp). Any help here?

    https://www.ads-software.com/plugins/sucuri-scanner/

Viewing 5 replies - 1 through 5 (of 5 total)

  • It is probable that the file “.backup_time” is being generated by a backup system that is running in the server where your website is being hosted? If this is the case then you should not delete that file because (according to its name) it seems to be tracking the time of the last generated backup, if you delete that file it will probably confuse the backup system.

    What you can do is to select that file and mark it as fixed, that way the plugin will ignore it in future scans considering that it does not seems to be malicious. Note that the plugin will keep monitoring the modifications of these files even when you have marked them as fixed.

    Regarding the issue with the FTP client, I do not know what you software you are using so I can not give you a definitive solution to fix that, but I can explain you one possible reason. Do you notice the single dot at the beginning of the file? That dot forces the file system (in most Unix operating systems) to hide it in the directory listing. It is probable that your FTP client has an option to display hidden files.

    Another reason could be that the file has no read permissions for the FTP account that you are using. If you consider that the FTP protocol is based in the execution of basic plain text commands you could suspect that these commands may fail from time to time. For instance, it would be possible to execute a command like “LIST”, “MLSD”, or “NLST” to list the content of a directory and only get the files that are readable by the FTP account used in the connection.

    Let me know if you need more information.

    Thread Starter ed

    (@wesleysoccer)

    my site has been hacked but still unable to delete the .backup_time file or wp-admin/.backup_time

    I was able to delete from other sites but not on this site.

    Please help if possible…the plugin has detected this as a problem.

    In my previous message I explained that if the FTP account that you use to delete those files has different privileges than the user account that runs the web server where the PHP interpreter is running, then there will be no way for the plugin to delete those files. That is why I suggested to mark them as fixed so the plugin do not show them anymore.

    The plugin is not saying that those files are a problem, it is just warning that these files are not part of the official WordPress archives and that it would be a good idea to check them because they are suspicious but not necessarily malicious.

    Another solution would be to contact the support team of your hosting provider and request them to stop running the backup system in your specific account (which is not recommended) or at least to re-configure that system to stop creating that file. If you really believe that this file is malicious then I would appreciate if you can paste the content of that file here so I can take a look and confirm that it is malicious.

    @wesleysoccer I have not heard about you in a while, were you able to fix the issues that you were having? If yes then I would like to know what was its cause, maybe someone is having the same issues and it would be informative to have more information about it. If not then we could reopen this thread and try to troubleshoot this error again.

    I will mark this ticket as resolved for now.

    See the malware here:
    https://www.ads-software.com/support/topic/regarding-backup_time-1?replies=2#post-6883663

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘.backup_time’ is closed to new replies.