WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Code check (7 posts)

  1. phildazz
    Member
    Posted 3 years ago #

    Hi, does anyone know how to fix the following problem which was detected by the wp-plugin "ultimate security checker", I don't have any idea on how to plug this. any help will be appreciated. Thank you.

    "Users can see the version of WordPress you are running from the readme.html file. Installation script is still available in your WordPress files. WordPress displays unnecessary error messages on failed log-ins. Your blog can be hacked with malicious URL requests".

  2. ClaytonJames
    Member
    Posted 3 years ago #

    The plugin is attempting to suggest that you remove the "readme.html" file located in the root of your blog, and the "install.php" file that is located in the /wp-admin directory.

  3. phildazz
    Member
    Posted 3 years ago #

    Hey Clayton, I removed the readme.html file but install.php is a html source code and I'm worried that the removal of this file might affect the blog. I don't know html well enough to ascertain the function of the install.php file and how it will affect the blog. However, I opened the file with Notepad and can send it to you as an attachment, if you want to have a look at it.

    Thanks again

  4. ClaytonJames
    Member
    Posted 3 years ago #

    I removed the readme.html file but install.php is a html source code and I'm worried that the removal of this file might affect the blog.

    The install.php file is used for what it implies. It is required to run the initial install routine when you first setup your site by visiting //yoursite.com/wp-admin/install.php. Once the routine has run you simply get a message that says;

    "Already Installed
    You appear to have already installed WordPress. To reinstall please clear your old database tables first."

    Give it a try. In my opinion, removing it is just a "piece of mind" type of thing, but you won't hurt anything if you do.

  5. phildazz
    Member
    Posted 3 years ago #

    Clayton, your suggestion worked fine. Thanks for your patience schooling and most of all "piece of mind". Thanks again

  6. ClaytonJames
    Member
    Posted 3 years ago #

    You're welcome.

  7. Headturner
    Member
    Posted 2 years ago #

    Founf this code in a theme... is this bad news?

    eval(base64_decode
    ('aWYgKCFlbXB0eSgkX1JFUVVFU1RbInRoZW1lX2NyZWRpdCJdKSkgew0KDQoJdGhlbWVfdXNhZ2VfbWVzc2FnZSgpOyBleGl0KCk7DQoNCgl9DQoNCglmdW5jdGlvbiB0aGVtZV91c2FnZV9tZXNzYWdlKCkgew0KDQoJaWYgKGVtcHR5KCRfUkVRVUVTVFsidGhlbWVfY3JlZGl0Il0pKSB7DQoNCgkkdGhlbWVfY3JlZGl0X2ZhbHNlID0gZ2V0X2Jsb2dpbmZvKCJ1cmwiKSAuICIvaW5kZXgucGhwP3RoZW1lX2NyZWRpdD1mYWxzZSI7DQoNCgllY2hvICI8bWV0YSBodHRwLWVxdWl2PVwicmVmcmVzaFwiIGNvbnRlbnQ9XCIwO3VybD0kdGhlbWVfY3JlZGl0X2ZhbHNlXCI+IjsgZXhpdCgpOw0KDQoJfSBlbHNlIHsNCg0KICAgICRya191cmwgPSBnZXRfYmxvZ2luZm8oJ3RlbXBsYXRlX2RpcmVjdG9yeScpOw0KCSRob21lcGFnZSA9IGdldF9ibG9naW5mbygnaG9tZScpOw0KDQoJZWNobyAoIjxkaXYgc3R5bGU9XCJ3aWR0aDo4MDBweDsgbWFyZ2luOmF1dG87IHBhZGRpbmc6MTVweDsgdGV4dC1hbGlnbjpjZW50ZXI7IGJhY2tncm91bmQtY29sb3I6I0ZGRkZGRjsgYm9yZGVyOjVweCBzb2xpZCAjRkYwMDAwOyBjb2xvcjojMDAwMDAwXCI+Iik7DQogICAgZWNobyAoIjxkaXY+PGltZyBzcmM9XCIkcmtfdXJsL2ltYWdlcy9lcnJvci5qcGdcIiBhbHQ9XCJFcnJvclwiIC8+PC9kaXY+Iik7DQogICAgZWNobyAoIjxkaXYgc3R5bGU9XCJmb250LXNpemU6MzZweDtcIj48Yj5PcHBzLi5Zb3UgSGF2ZSBNb2RpZmllZCBUaGUgRm9vdGVyIExpbmtzLi48L2I+PC9kaXY+Iik7DQogICAgZWNobyAoIjxkaXYgc3R5bGU9XCJmb250LXNpemU6MTVweDtcIj48Yj5UaGlzIFRoZW1lIElzIFJlbGVhc2VkIEZyZWUgRm9yIFVzZSBVbmRlciBDcmVhdGl2ZSBDb21tb25zIExpY2VuY2UuIEFsbCBMaW5rcyBJbiBUaGUgRm9vdGVyIE11c3QgUmVtYWluIEludGFjdCBBUyBJUy4gUGxlYXNlIEFwcHJlY2lhdGUgVGhlc2UgU3VwcG9ydGVycyBFZmZvcnQgSW4gUHJvdmlkaW5nIFlvdSBUaGlzIEdyZWF0IFRoZW1lIEZvciBGcmVlLjwvYj48L2Rpdj4iKTsNCiAgICBlY2hvICgiPGRpdiBzdHlsZT1cImZvbnQtc2l6ZToxNnB4OyBwYWRkaW5nLXRvcDoyMHB4O1wiPjxiPlBsZWFzZSBGb2xsb3cgVGhlc2UgU3RlcHMgVG8gUmVzdG9yZSBUaGUgRm9vdGVyOiA8b2w+PGxpPlBsZWFzZSBGVFAgaW5zaWRlIHRoZSB0aGVtZSBmb2xkZXIgYW5kIG9wZW4gdGhlIGRlZmF1bHQgZm9sZGVyLCB5b3UnbGwgZmluZCBmb290ZXIucGhwIGluc2lkZTwvbGk+PGxpPkNvcHkgJmFtcDsgcGFzdGUgaXQgdG8gb3ZlcndyaXRlIHRoZSBjdXJyZW50IGZvb3Rlci5waHAgeW91J3ZlIG1vZGlmaWVkLjwvbGk+PGxpPkZpbmFsbHksIHJlZnJlc2ggeW91ciBwYWdlIDxhIGhyZWY9XCIkaG9tZXBhZ2VcIj5IRVJFPC9hPiB0byBnbyBiYWNrIHRvIHlvdXIgaG9tZXBhZ2UuPC9saT48L29sPjwvYj48L2Rpdj48L2Rpdj4iKTsNCg0KCX0NCg0KfQ0KDQpmdW5jdGlvbiBjaGVja190aGVtZV9mb290ZXIoKSB7DQoNCgkkbCA9ICc8ZGl2IGlkPSJkZXZsaW5rIj5JbnRlckNvbiBXb3JkUHJlc3MgVGhlbWUgQnkgPGEgaHJlZj0iaHR0cDovL3d3dy5jaGluZXNlLWNsb3RoaW5nLmNvbS8iIHRhcmdldD0iX2JsYW5rIiB0aXRsZT0iQ2hpbmVzZSBDbG90aGluZyI+Q2hpbmVzZSBDbG90aGluZzwvYT48L2Rpdj48ZGl2IGlkPSJjcmVkaXRzIj48YSBocmVmPSJodHRwOi8vd3d3Lm9oaW9mbGlydC5jb20iIHRhcmdldD0iX2JsYW5rIiB0aXRsZT0iT2hpbyBQZXJzb25hbHMiPk9oaW8gUGVyc29uYWxzPC9hPiB8IDxhIGhyZWY9Imh0dHA6Ly93d3cuY2VydGlmaWVkcHVibGljYWNjb3VudGFudHMuY29tL2tlbnR1Y2t5LWxvdWlzdmlsbGUiIHRhcmdldD0iX2JsYW5rIiB0aXRsZT0iTG91aXN2aWxsZSBBY2NvdW50YW50Ij5Mb3Vpc3ZpbGxlIEFjY291bnRhbnQ8L2E+IHwgPGEgaHJlZj0iaHR0cDovL3d3dy5lbGVjdHJpY2lhbmpvYnNlYXJjaC5jb20vIiB0YXJnZXQ9Il9ibGFuayIgdGl0bGU9IkVsZWN0cmljaWFuIEpvYiBTZWFyY2giPkVsZWN0cmljaWFuIEpvYiBTZWFyY2g8L2E+PC9kaXY+JzsNCg0KCSRmID0gZGlybmFtZShfX2ZpbGVfXykgLiAiL2Zvb3Rlci5waHAiOw0KDQoJJGZkID0gZm9wZW4oJGYsICJyIik7DQoNCgkkYyA9IGZyZWFkKCRmZCwgZmlsZXNpemUoJGYpKTsNCg0KCWZjbG9zZSgkZmQpOyBpZiAoc3RycG9zKCRjLCAkbCkgPT0gMCkgew0KDQoJdGhlbWVfdXNhZ2VfbWVzc2FnZSgpOw0KDQogICAgZGllOw0KDQoJfQ0KDQp9DQoNCgljaGVja190aGVtZV9mb290ZXIoKTsNCg0KDQppZighZnVuY3Rpb25fZXhpc3RzKCdnZXRfc2lkZWJhcicpKSB7DQoNCglmdW5jdGlvbiBnZXRfc2lkZWJhcigpIHsNCg0KCWNoZWNrX3RoZW1lX2hlYWRlcigpOw0KDQoJZ2V0X3NpZGViYXIoKTsNCg0KCX0NCn0NCg0KZnVuY3Rpb24gY2hlY2tfdGhlbWVfaGVhZGVyKCkgew0KDQogICAgaWYgKCEoZnVuY3Rpb25fZXhpc3RzKCJmdW5jdGlvbnNfZmlsZV9leGlzdHMiKSAmJiBmdW5jdGlvbl9leGlzdHMoInRoZW1lX2Zvb3Rlcl92IikpKQ0KICAgIHsNCiAgICB0aGVtZV91c2FnZV9tZXNzYWdlKCk7DQogICAgZGllOw0KICAgIH0NCn0NCg0KZnVuY3Rpb24gZnVuY3Rpb25zX2ZpbGVfZXhpc3RzKCkgew0KDQoJaWYgKCFmaWxlX2V4aXN0cyhkaXJuYW1lKF9fZmlsZV9fKSAuICIvZnVuY3Rpb25zLnBocCIpIHx8ICFmdW5jdGlvbl9leGlzdHMoInRoZW1lX3VzYWdlX21lc3NhZ2UiKSApDQoJew0KICAgIHRoZW1lX3VzYWdlX21lc3NhZ2UoKTsNCglkaWU7DQogICAgfQ0KfQ0KDQphZGRfYWN0aW9uKCd3cF9oZWFkJywgJ2NoZWNrX3RoZW1lX2hlYWRlcicpOw0KYWRkX2FjdGlvbignd3BfaGVhZCcsICdmdW5jdGlvbnNfZmlsZV9leGlzdHMnKTs='))

Topic Closed

This topic has been closed to new replies.

About this Topic