WordPress.org

Forums

Fast Secure Contact Form
cache/xedmdvy4vnroflyJ.php file has changed - malware code injection? (2 posts)

  1. freshwater
    Member
    Posted 1 year ago #

    my Better WP Security sent me an email and i use FS Contact Form.

    A file (or files) on your site at MYSITE.com have been changed. Please review the report below to verify changes are not the result of a compromise.

    wp-content/plugins/si-contact-form/captcha/cache/xedmdvy4vnroflyJ.php

    is this a malware code injection?

    thank you!

    FW

    https://wordpress.org/plugins/si-contact-form/

  2. JacobN
    Member
    Posted 1 year ago #

    It looks like the Fast Secure Contact Form uses the /captcha/cache/ directory to place CAPTCHA challenge responses temporarily.

    When using the Better WP Security plugin, you can navigate to Security from the left-hand menu, then click on Intrusion Detection.

    If you scroll down to the File Change Detection section, there is a Include/Exclude List drop-down that you should set to Exclude. Then below that in the File/Directory Check List field type in an exception for the Fast Secure Contact Form cache directory like this:

    wp-content/plugins/si-contact-form/captcha/cache

    That should stop you from getting alerts about files in that specific directory.

    - Jacob

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Fast Secure Contact Form
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic

Tags

No tags yet.