Daily, and sometimes more often, I run a WF scan on my site files and get a warning that reads:
“File appears to be malicious: /wp-content/cache/log/000000/pagecache.log
This file has been installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “viagra-online”. The infection type is: Spam:HTML/spamtags. If this file was detected because you have enabled “Scan images, binary, and other files as if they were executable”, which treats non-PHP files as if they were PHP code. This option is more aggressive than the usual scans, and may cause false positives.”
All of my WP and WF files, themes, plug-ins, etc. are up-to-date and no problems are reported within any of the other site files when a WF scan is run.
I delete this file, and it comes right back in less than a day.
What do I need to do to prevent outsiders from injecting this file?
]]>– Just cleaning out files isn’t enough. When you’re done, you may want to implement some (if not all) of the recommended security measures.
]]>