False positive in Dashboard?

  • I keep getting Core WordPress Files Were Modified in my Sucuri dashboard. Details are…

    PHP Version:
5.6.30
 
Version:
4.9.5
 
Running on:
nginx/1.12.2
 
Redirects to:
https://bizcrime.com/admin/
 
Redirects to:
https://bizcrime.com/admin/wp-admin/
Redirects to:
https://bizcrime.com/admin/wp-login.php?redirect_to=http%3A%2F%2Fbizcrime.com%2Fadmin%2Fwp-admin%2F&reauth=1

    The wp-login.php file doesn’t appear to be compromised and it’s not getting flagged in my WordFence scans. What’s up with this?

Viewing 5 replies - 1 through 5 (of 5 total)

  • The wp-login.php file doesn’t appear to be compromised and it’s not getting flagged in my WordFence scans. What’s up with this?

    You can mark the files listed in the table below the message “Core WordPress Files Were Modified” as “fixed”. If you believe the modifications are not product of a malicious infection, but instead are the result of the installation of additional extensions, then the flags are probably a false/positive.

    Thread Starter Zoinks! Graphics

    (@zoinks)

    Hi, thanks for the fast response! However this is not resolved. It’s easier to show than try to explain, so please have a look (CLICK HERE).

    The warning appears because the plugin detected 3 files in the root of your WordPress installation that do not belong to a regular WordPress site.

    You can safely delete both the “readme” file and the “error_log”. The other file was created by another plugin and it is up to you to decide what to do with it, you can either delete it if you think is useless or mark it as fixed if you think is harmless.

    Once you execute these actions, the warning will disappear.

    Hi, I have similar result like Zoinks, I have the same error log, which according to the reply from yorman I can safely delete and I also have a file with a green flag called bk.zip which I have no clue where it came from or how to check if its safe or not. Please advice.
    thank you!

    I have the same error log, which […] I can safely delete

    That’s correct, but I think you should understand the purpose of the file before the deletion. When you write code in PHP, the interpreter logs all the errors and warnings from that code in those “error_log” files. While you can safely delete them, if you don’t fix the code that is generating the warnings, the “error_log” file will keep appearing in the same directory.

    I also have a file with a green flag called bk.zip which I have no clue where it came from or how to check if its safe or not.

    If I were you, I would download the Zip file into my computer, and inspect its content (without extracting) to see if the name of the files make sense to me. Taking a wild guess, bk.zip sounds like backup.zip, maybe you generated a backup file and forgot about it, or one of the support agents who manages your hosting account created it and forgot to delete it, it has happened to me in the past.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘False positive in Dashboard?’ is closed to new replies.