WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
w3tc causes many false "malicious executable" positives (1 post)

  1. rbredow
    Member
    Posted 1 year ago #

    When combining Wordfence with w3tc, the cached and compacted php files register as potentially malicious code given that they have . Since these cache files are regenerated and renamed constantly, this means every scan flags numerous errors. On average, I see 10-20 new false positives per scan.

    An example of the specific issue:

    This file may contain malicious executable code
    wp-content/cache/db/000000/3f2/981/839/3f29818398695347542685f1398d390d.php
    
    This file is a PHP executable file and contains a line 7578 characters long
    without spaces that may be encoded data along with functions that may
    be used to execute that code. If you know about this file you can choose
    to ignore it to exclude it from future scans.

    Could there be an advanced setting to ignore a certain directory from the malicious executable code scan?

    Thanks for an amazing plugin.

    Rob

    http://wordpress.org/extend/plugins/wordfence/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic