Wordfence warning of malicious cache files in latest WP related to Total Cache?
-
I keep getting (since the latest WP update and my installation of Total Cache to speed up my site) warning of files in cache directory (message on scan below)
However when I try to delete the file, it says it cannot be deleted as it was not found. An ftp check shows no directory 81c.
There have been others and I have deleted them (since yesterday) using wordfence, but I am beginning to wonder if these are false positives? Or are they related to Total Cache?Scan results:
wp-content/cache/object/000000/81c/995/81c9959e9e49cee93ccaf2f0bb44c74f.php
File type: Not a core, theme or plugin file.
Issue first detected: 1 min ago.
Severity: Critical
Status New
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “eval”;a:2:{i:0;s:5:”EAPLq”;i:1;s:35:”/[^a-z\/'”]eval\([^\)]+[‘”\s\);]+/i”;}s:15:”preg_replace /e”;a:2:{i:0;s:5:”CCIGG”;i:1;s:104:”/preg_replace[\s*\(]+([‘”])([\!\/\#\|\@\%\^\*\~]).+?\2[imsx]*e[imsx]*\…”. The infection type is: Suspicious eval with base64 decode.Message when I try to delete:
An error occurred
An invalid file was requested for deletion
The topic ‘Wordfence warning of malicious cache files in latest WP related to Total Cache?’ is closed to new replies.
