*Core WordPress Files Were Modified*

  • Resolved audiowarrior

    (@zonwarrior)


    7 years, 8 months ago

    This is what I see when I activate Sucuri: https://imgur.com/a/t27z4

    Everything is up to date.

    Fresh wordpress install, no other plugins.

    I also ran the sucuri online website scan and it’s clean.

    How is this possible? It’s a completely new wordpress install.

    • This topic was modified 7 years, 8 months ago by audiowarrior.
    • This topic was modified 7 years, 8 months ago by audiowarrior.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter audiowarrior

    (@zonwarrior)

    By the way, I clicked ‘Review False/Positives’ and it’s empty, no data available..

    To answer your question “How is this possible?” I have to explain how the plugin detects these changes. The plugin uses the checksum [1] of the files provided by the official WordPress releases and compares them with the checksum of the files in your website, if they are different the plugin flags the files are “modified”.

    However, instead of downloading a fresh copy of WordPress every time you execute the integrity check, it uses a public API available here [2] that allows people to retrieve the checksum of all the files for a specific version. It seems that the API is returning outdated data because the checksum of the “license.txt” and “controls.svg” files appear to differ from the checksum detected in your installation. The plugin has no control over this information, it barely uses the data that WordPress provides.

    If you want to remove the warning, go to the plugin’ settings page, click on “Scanner” then scroll down until “WordPress Integrity Diff Utility”, enable this tool then go to the dashboard again and click the filenames, the plugin will show a popup with the differences present in that file. If you consider these differences to be harmless you can select the file and mark it as fixed using the form below the table. Otherwise, select the files and execute the “Restore” action from the same form.

    [1] https://api.www.ads-software.com/core/checksums/1.0/?version=4.8
    [2] https://en.wikipedia.org/wiki/Checksum

    Hi, I have same problem.

    But i don′t have a files list.
    https://prntscr.com/gfk2jd

    https://prntscr.com/gfk30g

    https://prntscr.com/gfk3c8

    @rmsite — the message refers to a list of files that appears below the message itself, in a table, if you don’t see it is because the scanner is still loading in the background, just give it a couple of seconds to finish the scan, it shouldn’t take too much time but the performance depends on your own server.

    Take a look at this animated image — https://i.imgur.com/TBXLoWT.gif

    The option that you enabled/disabled — “WordPress Integrity Diff Utility” — has little to do with the message itself. This option just enables a new tool in the integrity panel to allow you to see the differences detected by the plugin on each WordPress core file, individually. Being enabled or disabled will not change the status of the warning message.

    Now I get it!

    Thank you very much. I’m enjoying the plugin!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘*Core WordPress Files Were Modified*’ is closed to new replies.