WordFence reports file differences between repository and installed plugin

  • Hi, I updates Yoast to the latest version (7.0.2) today.

    Now WordFence starts sending me warnings about file differences between the repository and my website. That can’t be the case because I updated from the repository. It happens on all my sites, including one new site where I removed this plugin and reinstalled it from the repository.

    Any idea why this happens? Usually this only happens when plugin files have been updated without releasing an actual new version.

    Warnings:

    * Modified plugin file: wp-content/plugins/wordpress-seo/languages/wordpress-seo-nl_NL.json

    * Modified plugin file: wp-content/plugins/wordpress-seo/languages/wordpress-seo-pt_PT.json

    * Modified plugin file: wp-content/plugins/wordpress-seo/vendor/autoload_52.php

    * Modified plugin file: wp-content/plugins/wordpress-seo/vendor/composer/autoload_real_52.php

    Thanks
    JP

Viewing 14 replies - 1 through 14 (of 14 total)

  • I am seeing the same issue on all mys sites, the same files alert on Wordfence. I “repair” the files and the issue comes back. I tried uninstalling Yoast and reinstalling as well.

    I also tried repair on my test site, but then the site became unavailable with a 500 server error. I had to delete the Yoas SEO plugin with FTP to bring the site back online and then reinstalled it.

    These look like false positives to me from WordFence.

    • This reply was modified 6 years, 8 months ago by markd33.
    AMX

    (@lightscapes)

    I have the same Wordfence message for the same files. Normally, in such cases Wordfence can show the differences, but in this case when I try to do that it says that “there are no differences”.

    I suspect it is because of this:

    ComposerAutoloaderInit5e2b2ecae601zzzt223a1cf7a9exxxxyyyyzzz

    Perhaps each site gets a different id number, fingerprint or whatever. I had this thing with another plugin, too. When you try to restore such a file it will break the site because this Init number will be wrong for your site – different than in the other files. You can only delete the whole plugin and reinstall it from the repository, there will be no differences in the files, so the issue will disappear but it may return after some time.

    I wish the plugin authors could explain it.

    • This reply was modified 6 years, 8 months ago by AMX.
    • This reply was modified 6 years, 8 months ago by AMX.
    • This reply was modified 6 years, 8 months ago by AMX.

    @markd33
    Why do you think these are falls positives?

    @lightscapes
    For me it does show differences.

    For me, on the first site I had the issue on, after I repaired the files I got the “white Screen of death”. I used FTP to change the name of the Yoast Folder and this immediately brought the site back. But this didn’t happen on the other sites.

    After looking at the report I see no differences in the files, so this might be a false positive based on version number differences.

    Where do you see the “ComposerAutoloaderInit5e2b2ecae601zzzt223a1cf7a9exxxxyyyyzzz”

    I am still getting the error over and over even after repairing.

    AMX

    (@lightscapes)

    @briannsync

    It appears for example in autoload_real_52.php, but I suppose you will have a different string of numbers and digits after “ComposerAutoloaderInit”. If that string is site-specific, as I assume, then obviously Wordfence will notice the difference between the file on your server and the one in WordPress repository.

    I see what you mean. I found that string in the file you mention. The first half of the string is the same in my file, then it changes for my site. I don’t see any mention of this on Yoast’s site.

    @jpnl What I mean by false positive is that while there may be differences being recorded, there’s nothing actually wrong. Your site wasn’t maliciously modified and you can safely ignore the warning

    You can find out more information on this here: https://www.wordfence.com/help/scan/options/?utm_source=plugin&utm_medium=pluginUI&utm_campaign=docsIcon#repo-plugin

    @markd33

    That’s exactly what I referred to in my original post…

    Usually this only happens when plugin files have been updated without releasing an actual new version.

    But that’s not what I call a false positive because there are real differences. I have never seen this happen with Yoast though.

    Plugin Support Md Mazedul Islam Khan

    (@mazedulislamkhan)

    We apologize for any inconvenience. We recommend you please remove the Yoast SEO plugin and reinstall it on your site to check whether this resolves the warning you’re receiving.

    If the issue persists, please follow the progress of the report in here: https://github.com/Yoast/wordpress-seo/issues/9178

    Thanks @mazedulislamkhan issue still happens after reinstall. I reported it at github.

    Plugin Support Md Mazedul Islam Khan

    (@mazedulislamkhan)

    @jpnl We have just released the Yoast SEO v7.0.3. Can you please update your Yoast SEO to the latest version to check whether this resolves the issue? If the issue persists, please report it to the GitHub issue so our developer can investigate this issue further.

    @mazedulislamkhan looks like this is fixed now. Thank you!

    JP

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘WordFence reports file differences between repository and installed plugin’ is closed to new replies.