I’ve started to get warning from JetPack Protect security scan as follows (I get 2 warnings on each site I have Matomo WordPress Plugin and JetPack Protect installed)
Is this anything I need to worry about?
Are you able to update the plugin to stop this warning in future?
Up to date on all WordPress, themes, plugins etc etc.
Tried removing the Matomo plugin (deleting all data) and reinstalling from plugins repository – scan throws the same warning.
Thank you
File contains malicious code: eagercache-502-tracker.php
A malware was found on your site. Please take immediate action.More
What did Jetpack find?
wordpresscore(.com) is a domain name that was used as part of an exploit to the Custom Content Type Manager plugin. This suspicious string that was found may or may not be related however. Further investigation may be required.
Sometimes the code is so heavily obfuscated that it's hard to tell what are the final intentions of it, however, Jetpack Scan team's experience allows them to pinpoint the most common indicators and alert when something is wrong.
The technical details
Threat found in file:/srv/htdocs/wp-content/uploads/matomo/tmp/cache/tracker/eagercache-502-tracker.php
1
<?php return unserialize('a:2:{s:8:"lifetime";i:1715317617;s:4:"data";a:296:{s:21:"PluginCoreVueMetadata";a:7:{s:11:"description";s:25:"CoreVue_PluginDescription";s:8:"homepage";s:19:"https://matomo.org/";s:7:"authors";a:1:{i:0;a:2:{s:4:"name";s:6:"Matomo";s:8:"homepage";s:19:"https://matomo.org/";}}s:7:"license";s:7:"GPL v3+";s:7:"version";s:5:"5.0.2";s:5:"theme";b:0;s:7:"require";a:0:{}}s:30:"PluginCorePluginsAdminMetadata";a:7:{s:11:"description";s:34:"CorePluginsAdmin_PluginDescription";s:8:... (truncated)
How to resolve or handle this detection?
Jetpack Scan cannot automatically fix this threat. We suggest that you resolve the threat manually: ensure that WordPress, your theme, and all of your plugins are up to date, and remove the offending code, theme, or plugin from your site.Add brute force protection.
Are there any settings/configuration or enable/disable for that feature? I don’t see any mention of it within the actual Jetpack Protect plugin interface.
That was the one feature in Jetpack (free) that I was hoping would finally come to Jetpack Protect (so that I don’t need to rely on Jetpack free plugin anymore). But just curious about the implementation of it in this Protect plugin, and whether it can be enabled/disabled somehow, or see any of the brute force stats/attempts (like you can in the core Jetpack free plugin), or enable certain IPs to be on a whitelist.
]]>Deprecated: Creation of dynamic property Automattic\Jetpack\Connection\Manager::$error_handler is deprecated in C:\xampp\htdocs\wp\wp-content\plugins\jetpack-protect\jetpack_vendor\automattic\jetpack-connection\src\class-manager.php on line 94Latest results as of septiembre 30th
All vulnerabilities 0
Plugins
Advanced Custom Fields PRO
Connects – MailWizz Addon
Convert Plus
Google Analytics
Jetpack
Jetpack Protect
Woo Checkout Editor
WooCommerce
WP Cost Estimation & Payment Forms Builder
Yoast SEO
Themes
Pro & Child Theme
No vulnerabilities found
The last Protect scan ran and we didn’t find vulnerabilities.
In the footer there was a sale of the creator’s services:
Jetpack Security (10GB)
€287.40 Discount for the first year €131.40
Plan subscription: €287.40 per year`
I don’t understand, is Jetpack Protect included in the Original Jetpack plugin?
If Jetpack Protect is NOT included in the Original Jetpack plugin, can I install Jetpack Protect with the Original Jetpack plugin.
Thanks and Have a Great Day!
Julian
My question is
What does Jetpack Protect Stats count as a Blocked malicious login attempt?
I am using a plugin to change the URL of the login page and I have set a .htaccess password over the new page so it is almost impossible to access without knowing the URL.
I have Jetpack Protect enabled.
Even with these protection methods in place – It is still blocking about 20 access attempts per day.
Reason
I am considering uninstalling Jetpack for speed reasons. If my new security measures are as effective as I think they are – I dont understand why Jetpack is still reporting 20 blocked attempts per day. If someone can confirm what it counts as a blocked attempt that would be great.
My browser crashed and I got the error message when I reopened it.
My problem with this feature is the following:
The IP address Jetpack flagged is not my IP, but my server’s IP address.
I went to my JetPack settings –
“Enabling brute force protection will prevent bots and hackers from attempting to log in to your website with common username and password combinations.
Your current IP:”
This also lists my server’s IP and not mine.
I don’t understand. What should I do?
Peter
]]>I followed the instructions on Jetpack support and whitelisted my IP address but am still locked out.
]]>on a multisite install with Jetpack Protect enabled, the users occasionally cannot login via LWA. They get the message ‘an error has occured, please try again’.
Login via wp-login.php works fine in that case. After disabling Protect, LWA works again.
Whitelisting IP’s is not really an option, since all users have to login to read the content (it’s a paywall site).
I already asked the Jetpack team for help. Jeremy Felt offered a patch which seemed to solve the problem at first. But it sometimes reoccur, unfortunately, also with the patch applied.
https://www.ads-software.com/support/topic/conflict-with-ajax-login/#post-8692563
Do you guys have any idea?
Thanks and best Regards,
Steffen