admin-ajax.php being called for malicious file
-
My server admin is warning me about admin-ajax and here is the warning from server side
::::::::::::::::::::::::::::::::::::::
Scanning web upload script file…
Time : Sat Dec 27 09:09:46 2014 -0500
Web referer URL :
Local IP : ************
Web upload script user : nobody (99)
Web upload script owner: mysite (519)
Web upload script path : /home/mysite/public_html/wp-admin/admin-ajax.php
Web upload script URL : http://mysite.com/wp-admin/admin-ajax.php
Remote IP : ***********
Deleted : No
Quarantined : No———– SCAN REPORT ———–
TimeStamp: Sat Dec 27 09:09:45 2014
(/usr/sbin/cxs –nobayes –cgi –clamdsock /var/clamd –cleanlog –defapache nobody –doptions Mv –exploitscan –nofallback –filemax 10000 –logfile /var/log/cxs.log –mail root –options mMOLfSGchexdnwZDRu –qoptions Mv –quarantine /home/quarantine –quiet –sizemax 500000 –smtp –summary –sversionscan –timemax 30 –virusscan /tmp//20141227-090945-VJ69qc5IxwcAAEtXf74AAAAR-file-rfOkEf)# (compressed file: revslider/update.php [depth: 1]) Regular expression match = [decode regex: 1]:
‘/tmp/20141227-090945-VJ69qc5IxwcAAEtXf74AAAAR-file-rfOkEf’
:::::::::::::::::::::::::::::::::::::::::::::::I do not have revslider plugin on my server, what is going on?
Do I need to DO anything or this is just false positive??????Thanks
- The topic ‘admin-ajax.php being called for malicious file’ is closed to new replies.