WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
[resolved] Warning message without details? (12 posts)

  1. Ovidiu
    Member
    Posted 6 months ago #

    How am I supposed to know which files may contain malicious executable code? Anything I'm overlooking here?

    Wordfence found the following new issues on "Food & Chatter".

    NOTE: Upgrading to the paid version of Wordfence gives you two factor authentication (sign-in via cellphone)
    and country blocking which are both effective methods to block attacks.
    You can also schedule when your scans occur with Wordfence Premium.
    Click here to sign-up for the Premium version of Wordfence now.
    https://www.wordfence.com/wordfence-signup/

    Alert generated at Tuesday 4th of February 2014 at 03:35:53 PM
    Critical Problems:

    * This file may contain malicious executable code
    * This file may contain malicious executable code
    * This file may contain malicious executable code

    https://wordpress.org/plugins/wordfence/

  2. Wordfence
    Member
    Plugin Author

    Posted 6 months ago #

    There should be a list at the bottom of that page.

    Also please upgrade, you're running an older version of Wordfence. This is not what the email for WF 4.0.3 looks like where we removed that ad at the top.

    Regards,

    Mark.

  3. Ovidiu
    Member
    Posted 6 months ago #

    THX but I posted the entirety of that email. I already upgraded Wordfence, wasn't sure the problem was fixed. Lets see if the next warnings show the files affected.

  4. Wordfence
    Member
    Plugin Author

    Posted 6 months ago #

    I do apologize, another poster alerted me to the fact that we'd forgotten to remove that from another part of the code. It's been fixed now and will go out with the next release which should be some time next week. In the mean time you can edit the following file and remove it yourself if you'd like:

    lib/email_newIssues.php

    Regards,

    Mark.

  5. Ovidiu
    Member
    Posted 5 months ago #

    hm, just got another email that looked like that:

    Wordfence found the following new issues on "rum-reisen.de".
    
    NOTE: Upgrading to the paid version of Wordfence gives you two factor authentication (sign-in via cellphone)
    and country blocking which are both effective methods to block attacks.
    You can also schedule when your scans occur with Wordfence Premium.
    Click here to sign-up for the Premium version of Wordfence now.
    https://www.wordfence.com/wordfence-signup/
    
    Alert generated at Tuesday 11th of March 2014 at 12:14:50 AM
    Critical Problems:
    
    * This file may contain malicious executable code

    Running Wordfence Version 4.0.3

    In addition to that, after visiting my WF panel, I see apparently 3 issues: http://screencast.com/t/dXTvdpLLcqEf

    But they are nowhere to be seen: http://screencast.com/t/vwCqAN6S

  6. Wordfence
    Member
    Plugin Author

    Posted 5 months ago #

    Yes this issue is still in the current version and it's slated for removal in the next release which will be out in a few days.

    Regards,

    Mark.

  7. Ovidiu
    Member
    Posted 2 months ago #

    Having this issue in the current WF version, can anyone confirm?

  8. Ovidiu
    Member
    Posted 1 month ago #

    This is what it looks like, happening with the latest WF version as of right now:

    This email was sent from your website "pacura.ru" by the Wordfence plugin.

    Wordfence found the following new issues on "pacura.ru".

    Alert generated at Sunday 6th of July 2014 at 11:52:34 PM
    Critical Problems:

    * This file may contain malicious executable code

    NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
    two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
    A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
    several additional website infections. Premium members can also schedule when website scans occur and
    can scan more than once per day.

    As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
    priority support tickets using our ticketing system.

    Click here to sign-up for the Premium version of Wordfence now.
    https://www.wordfence.com/wordfence-signup/

  9. sdayman
    Member
    Posted 1 month ago #

    Your earlier screenshot shows only the Scan Summary. On the same (Scan) page, does the New Issues section at the bottom provide any more information?

    I don't recall if the Scan Details window would show the error.

    And if all else fails, turn on Debugging and see if the Scan Details window provides more information.

  10. Ovidiu
    Member
    Posted 1 month ago #

    That screen shot is 5 months old so I cannot remember but right now it does provide more info...
    Its just missing from the email.

  11. Wordfence
    Member
    Plugin Author

    Posted 1 month ago #

    Thanks for the report. We have found and fixed this issue and it will be released in the next version of Wordfence.

    To be clear, the issue you reported is that Wordfence did not specify the file that contains malicious code in the email alert. This has been fixed and will be released in Wordfence 5.1.6.

    Regards,

    Mark.

  12. Ovidiu
    Member
    Posted 1 month ago #

    correct and thanks for taking care of it.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.