cloner.php

Agreed. Please amend this script, it caused quite a scare on my end as well.

Choose a better filename like: managewp-cloner.php.
There was requests to this file in the server log

I taught my site is hacked and was trying to find the problem >:

@amib, right?!! I know, it gives me a heart attack every time I see one. Today’s fright was encountering “cloner_error_log” which is not quite as bad, just has some text in it that says

[2021-11-22 23:02:01] Unhandled exception in file cloner/websocket.php line 160: [ws_closed]: Connection closed

It would really be good if they put a comment or something to explain “This is from cloner.php by ManageWP.com. Learn more: https://managewp.com/features/backup” — another lost opportunity for both clarity of purpose and marketing.

Please for the love off things get this done devs. I just wasted 2 hours trying to figure out why some of my sites had cloner_error_log and not others before realising they all had the managewp worker plugin installed.

I just raised a ticket with manageWP.

• This reply was modified 2 years, 10 months ago by Charles.

I think my site is hacked, because never use Cloner… Choose a better filename ManageWP!

I think it’s also a bit of a security vulnerability, as the error log file is publicly accessible per default and could disclose information. And yes, I was also worried that my website was hacked when I saw this the first time.

JFC, thanks man. I’ve literally been running scans all day. ManageWP please address this and also as @magicenoch mentioned, the error log should not be saved in the public root directory.

@bkjproductions Hey there. I just had a quick question. I too noticed this in my root directory. I’m not really WordPress savvy and rarely do I ever go into my FileZilla to check out my files running for my GoDaddy Managed WordPress blog. But, I noticed that each day now, I have this cloner error log now with one line in it.

Unhandled exception in file /var/www/cloner.php line 1762: [ws_closed]: Connection closed

I read through what you said. But honestly, it’s kind of all greek to me. It seems like it’s not a big deal, but I just wanted to know if you or someone else in this thread can explain at a high level what this exactly means again? It seems like my backups are finishing fine?

@andrewarthurdawson I would suggest you contact ManageWP/GoDaddy and ask them this question. And ask them to put a comment in their code so that anyone who reads it can understand that it is from ManageWP.

If enough people can bother ManageWP about, maybe they will “sign their work.”

I would suggest you check your backups every now and then. We generally pull down one from ManageWP periodically just to test. Sometimes they are incomplete backups!

@bkjproductions I appreciate you responding. I read a lot about this over the past day. It seems like Godaddy changed their backup process last fall and this became an “error” in their log since. For those who go into their files like I do occasionally, I noticed it. But to the general masses who use godaddy managed WordPress, they probably never go in there to notice. In the front end all of my backups look fine. I haven’t seen an error in any of them. So basically this is just an exception error recorded but not a grave error? And obviously has nothing to do with hacking like some had thought? It essentially is just a hiccup that occurs during the backup process and probably resumes after it?

@andrewarthurdawson Yes. It seems like the backups still are being completed despite the logged error. We can find this error within the mentioned file on a lot of managed websites, but have not experienced an incomplete backup so far. I would also recommend checking your backups regularly, as @bkjproductions mentioned.

Hi there,

Nikola from the ManageWP team here. I apologize for this more than late reply. The cloner_error_log is a file that is created on your website when it is being backed up, restored, or cloned onto by our Backup/Restore/Clone tool. Usually, this file is cleaned up automatically by our system, but in some rare cases, it can happen that it (alongside cloner.php) remains on your website. If you’re not performing any backups/restore or clone tasks at the moment, you can safely remove this file from your website. Our developer team is aware of this issues, and hopefully, it will be resolved soon.

Kind regards,

@nikolasavkovicmwp Thanks for replying, I’m sure we all appreciate it!
I don’t mind so much that it is leftover, but they need to comment in their code so that anyone who reads it can understand that it is from ManageWP.

(They should sign their work proudly!)

• This reply was modified 2 years, 3 months ago by bkjproductions. Reason: typo

It shouldn’t be in the root. Files created during the backup should be done in a specific manageWP/log sub-folder so that the folder can ignored from file change scans.