Udraft version 1.8,6?

  • Resolved Malae

    (@malae)


    10 years, 3 months ago

    I received a warning from Wordfence, a security plug-in, as follows:
    This file belongs to plugin “UpdraftPlus – Backup/Restore” version “1.8.5” and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed.

    Plugin Name: UpdraftPlus – Backup/Restore
    Plugin URI: http://updraftplus.com
    Description: Backup and restore: take backups locally, or backup to Amazon S3, Dropbox, Google Drive, Rackspace, (S)FTP, WebDAV & email, on automatic schedules.
    Author: UpdraftPlus.Com, DavidAnderson
    Version: 1.8.5

    I have checked the contents of version 1.8.6 shown by Wordfence and it has many changes. I have no problems, but do not understand why a version that I have not seen in the WordPress updates has somehow become available elsewhere. If you are not the publisher of the version 1.8.6 file, I can post it in pastebin.

    http://wordpress.org/plugins/updraftplus/

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author David Anderson

    (@davidanderson)

    10 years, 3 months ago

    Hi,

    It’d be better to ask this of the WordFence people. See also: http://updraftplus.com/faqs/wordfence-warning-files-inside-updraftplus-changed/

    David

    Thread Starter Malae

    (@malae)

    10 years, 3 months ago

    Hi David,

    I have encountered this issue several times with various plug-in files and fortunately there is a Wordfence facility to compare the files side by side and I can usually ignore warnings that indicate differences of no consequence. I have also contacted Wordfence about these issues. Are the latest official versions not stored in the WordPress repository?

    In this case it is showing me a new version 1.8.6 of updraft.php with many changes. I presume it is a development version, not yet released officially as an update. If you can confirm this, I would be curious to learn how it is accessed by Wordfence.

    Plugin Author David Anderson

    (@davidanderson)

    10 years, 3 months ago

    Yes, the development version shows as 1.8.6. You can always check this by going to it yourself: http://plugins.svn.wordpress.org/updraftplus/trunk/

    A lot of plugin authors find WordFence quite annoying, because it creates extra support requests for us in ways that do nothing to help us.

    David

    Thread Starter Malae

    (@malae)

    10 years, 2 months ago

    My question is still how do they get hold of the development version if it is not in the release repository?
    Whatever, thanks for updating from 1.8.5 to 1.8.8. Now I have finally been able to get rid of all the false positives in Wordfence.
    All back to normal.

    Plugin Author David Anderson

    (@davidanderson)

    10 years, 2 months ago

    Hi Malae,

    Someone can also grab the current development trunk of the code – http://wordpress.org/plugins/updraftplus/developers/ – which may have a different version number to any released version. This applies to all plugins.

    David

    Thread Starter Malae

    (@malae)

    10 years, 2 months ago

    Hi David,
    I understand the situation. I have asked Wordfence over a week ago, to explain how and why they accessed the unreleased version, but got no reply. It must be frustrating for you. I will post if I get any more information.

    Plugin Author David Anderson

    (@davidanderson)

    10 years, 2 months ago

    Hi Malae,

    Thank you for the offer… but, there’s no need to keep us informed. When we looked at WordFence, we decided that its algorithm was broken, and that its reports were not useful to us.

    Best wishes,
    David

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Udraft version 1.8,6?’ is closed to new replies.