WordPress.org

Ready to get started?Download WordPress

Forums

Fast Secure Contact Form
cache/xedmdvy4vnroflyJ.php file has changed - malware code injection? (2 posts)

  1. freshwater
    Member
    Posted 6 months ago #

    my Better WP Security sent me an email and i use FS Contact Form.

    A file (or files) on your site at MYSITE.com have been changed. Please review the report below to verify changes are not the result of a compromise.

    wp-content/plugins/si-contact-form/captcha/cache/xedmdvy4vnroflyJ.php

    is this a malware code injection?

    thank you!

    FW

    https://wordpress.org/plugins/si-contact-form/

  2. JacobN
    Member
    Posted 6 months ago #

    It looks like the Fast Secure Contact Form uses the /captcha/cache/ directory to place CAPTCHA challenge responses temporarily.

    When using the Better WP Security plugin, you can navigate to Security from the left-hand menu, then click on Intrusion Detection.

    If you scroll down to the File Change Detection section, there is a Include/Exclude List drop-down that you should set to Exclude. Then below that in the File/Directory Check List field type in an exception for the Fast Secure Contact Form cache directory like this:

    wp-content/plugins/si-contact-form/captcha/cache

    That should stop you from getting alerts about files in that specific directory.

    - Jacob

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.