Unknown file in WordPress core

  • Resolved dznutz48

    (@dznutz48)


    2 years, 7 months ago

    My webhost just fixed an issue with my website and now I have 454 results showing (99% are Unknown file in WordPress core). I have a feeling this is a false reading but it is still showing up on Wordfence and will probably show up on my host’s next scan.

    Details: This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker.

    Deleting these type files in the past has caused my site to go down.

    What is the best way to handle this?

    Why does WordPress include files left over from a previous WordPress version”

    Thanks

Viewing 5 replies - 1 through 5 (of 5 total)
  • Anonymous User 17880307

    (@anonymized-17880307)

    What is the filename that WF reports as unknown? Some php.ini file?

    Thread Starter dznutz48

    (@dznutz48)

    Here are a few. There are over 400.

    Filename: wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php

    Filename: wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php

    Filename: wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php

    Filename: wp-includes/template-canvas.php

    Filename: wp-includes/theme-i18n.json

    Filename: wp-includes/blocks/post-featured-image/style.min.css

    Filename: wp-includes/blocks/preformatted/style-rtl.min.css

    Plugin Support wfpeter

    (@wfpeter)

    Hi @dznutz48, thanks for reaching out and sending a sample of the filenames picked up.

    I would suggest as a first action taking a full backup of your site if you haven’t already, then clearing any caches you may have on your site as plugins or on your hosting plan and trying another scan to see if the same results are found. If so, the repair/remove option offered by Wordfence should help. However, I’ve noticed you stated this has previously broken your site – so that’s why the recent backup is important – but if this happens it could be because there are compromized files on your installation so cleanly removing inserted code while leaving the code WordPress requires is proving difficult.

    I may be able to get a clearer idea of whether the files contain malicious code if you send us a diagnostic report to wftest @ wordfence . com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,

    Peter.

    Thread Starter dznutz48

    (@dznutz48)

    Thank you @wfpeter. I did as you suggested. Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”.

    Thanks,

    Dave

    Plugin Support wfpeter

    (@wfpeter)

    Hi @dznutz48,

    I was just going through our email messages and noted that we had never received a diagnostic from your site, or at least with your username attached. If you’re still experiencing problems please try again using the method above and let me know.

    Just in case that doesn’t work again, the diagnostic can be exported as a txt file on the same screen, which could be sent directly to the wftest email address above; just remember to put your forum username in the email’s subject line so I can try finding it there.

    Thanks,

    Peter.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Unknown file in WordPress core’ is closed to new replies.