By the way….
I do love the plugin.
If I could gain more confidence with it. I would use it over WordFence because I like the simple 2FA feature.
However, I have used WordFence for a while and am used to the results and its capabilities….
Plugin Author
Paul
(@paultgoodchild)
We’re releasing a major update to the plugin in the next day or so and part of that will include a refinement of this scanning feature which will hopefully remove some false positives from the results.
Plugin Author
Paul
(@paultgoodchild)
did the update help with this?
Hi Paul.
I don’t think it did….
I received the below yesterday….
———————————————–
Hi !
Shield has detected files on your site with potential problems.
This is part of the Hack Protection feature for the WordPress Core File Scanner. [More Info]
Site Home URL – https://www.cattlegrids.com
Details for the problem files are below:
The MD5 Checksum Hashes for following core files do not match the official WordPress.org Checksum Hashes:
– wp-mail.php ( Repair file now / WordPress.org source file )
– wp-cron.php ( Repair file now / WordPress.org source file )
– wp-activate.php ( Repair file now / WordPress.org source file )
– wp-blog-header.php ( Repair file now / WordPress.org source file )
– wp-signup.php ( Repair file now / WordPress.org source file )
– wp-load.php ( Repair file now / WordPress.org source file )
– wp-login.php ( Repair file now / WordPress.org source file )
– wp-comments-post.php ( Repair file now / WordPress.org source file )
You should review these files and replace them with official versions if required.
Alternatively you can have the plugin attempt to repair/replace these files automatically. [More Info]
This email was sent from the Shield plugin, provided by iControlWP – WordPress Management and Backup Protection For Professionals.
WordPress Site URL- https://www.cattlegrids.com. / Current Plugin Version- 5.8.1.
Plugin Author
Paul
(@paultgoodchild)
Have you tried running the repair?
No I didn’t.
Wordfence scan says no issues and I cannot see any reason why anything is compromised so I haven’t ran the repair.
Plugin Author
Paul
(@paultgoodchild)
There is a difference, and it may just be whitespace somewhere, likely if you downloaded it and uploaded it from your computer, or if you used a “WordPress installer” that comes with your webhost. The changes we made offset some whitespace differences, but other than that, our scan is pretty strict when it comes to having any difference.
Running the “repair” will simply replace the files with originals from WordPress.org. If you don’t want to do this, and you’re happy enough with Wordfence saying it’s fine, better to disable the scan altogether, I think. No point in running both of them.
