146 critical issues of the type 10901

  • Resolved Deniz

    (@dcwebd)


    2 years ago

    Dear Wordfence-Team,

    I just looked at a new client’s website and found Wordfence reporting 146 critical issues on different files. They all say:

    File Type: Not a core, theme, or plugin file from www.ads-software.com.

    Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: memory_limit = 268435456;\x0apost_max_size = 67108864;\x0asafe_mode = off;\x0aupload_max_filesize = 67108864;\x0a

    The issue type is: IOC:TXT/ini.unsafe.10901
    Description: Configuration file used to override posting and upload restrictions

    The Website is hosted on IONOS.

    Does the Site got hacked or is there another kind of problem?

    Thanks in advance!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @dcwebd, thanks for reaching out to us!

    This looks like an issue we’ve seen on IONOS click & build WordPress installations that causes php.ini files to be created in every WordPress core folder. This is being raised as the core WordPress folders should usually be left unchanged.

    You can choose to ignore these for future scans as it’s my understanding that deleting them will result in the host recreating them.

    Thanks,

    Peter.

    Thread Starter Deniz

    (@dcwebd)

    Hi @wfpeter,

    thanks for the quick response!

    That’s a relief.
    In this case I will do so and ignore these warnings.

    Thanks again.

    Deniz

    I am very glad to see this thread! Just removed the mplugin malware from a site (which I didn’t build) and I am seeing 151 of these IOC:TXT/ini.unsafe.10901 errors on a deep scan. It’s also hosted on IONOS.

    Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘146 critical issues of the type 10901’ is closed to new replies.