Infinite WordPress Backup – Wordfence reporting problem

  • Resolved carriejeeze

    (@carriejeeze)


    9 years, 9 months ago

    I get, on several different sites, with different hosts, Wordfence reports of malicious code in Infinite WordPress automatic backups.

    The sites all pass as clean from Sucuri & the reports of malicious code are only for the IWP backup files.

    I have downloaded & unzipped one of the files in question & cannot find the reported malicious code anywhere in it — in this particular case it was the infamous soaksoak.ru, but the reports vary.

    I’ve talked with IWP support & they seem stumped.

    Any suggestions? I don’t know where to go from here & I don’t know if the backups are really compromised or not…

    I can send the actual notices from Wordfence & the entire zipped backup file, if that would be helpful.

    TIA for the great product & great service.

    https://www.ads-software.com/plugins/wordfence/

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hi,

    You can send to me brian at wordfence dot com and we’ll look at it.

    Thanks!
    Brian

    Thread Starter carriejeeze

    (@carriejeeze)

    Thanks for the quick response, Brian. Info sent via email.

    Got it. I forwarded to the developers to look at.

    Plugin Author Wordfence Security

    (@mmaunder)

    Hi,

    Brian asked me to take a look at this. It appears from the email you sent us this was caused by a malicious URL in a backup file. This is a fairly common false positive, especially if your backup files contain access logs which often contain malware referrers.

    So in this case I think you can safely ignore this.

    As an aside: it appears you’re running an older version of Wordfence because our newer versions actually include an image of the malware URL in the email alert we send you. So make sure you upgrade if you need to.

    Also note that on the Wordfence options page you can exclude your backup files using a wildcard pattern. The option is titled “Exclude files from scan that match these wildcard patterns. Comma separated”.

    Regards,

    Mark.

    Thread Starter carriejeeze

    (@carriejeeze)

    Thank you!

    I’m running Wordfence 5.3.6, which seems to be the latest, but the message could have been an older one.

    I’ll let me folks over at Infinite WordPress know too — they were curious about this.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Infinite WordPress Backup – Wordfence reporting problem’ is closed to new replies.