WordPress.org

Support

Support » Plugins and Hacks » cache/xedmdvy4vnroflyJ.php file has changed – malware code injection?

cache/xedmdvy4vnroflyJ.php file has changed – malware code injection?

  • my Better WP Security sent me an email and i use FS Contact Form.

    A file (or files) on your site at MYSITE.com have been changed. Please review the report below to verify changes are not the result of a compromise.

    wp-content/plugins/si-contact-form/captcha/cache/xedmdvy4vnroflyJ.php

    is this a malware code injection?

    thank you!

    FW

    https://wordpress.org/plugins/si-contact-form/

Viewing 1 replies (of 1 total)
  • It looks like the Fast Secure Contact Form uses the /captcha/cache/ directory to place CAPTCHA challenge responses temporarily.

    When using the Better WP Security plugin, you can navigate to Security from the left-hand menu, then click on Intrusion Detection.

    If you scroll down to the File Change Detection section, there is a Include/Exclude List drop-down that you should set to Exclude. Then below that in the File/Directory Check List field type in an exception for the Fast Secure Contact Form cache directory like this:

    wp-content/plugins/si-contact-form/captcha/cache

    That should stop you from getting alerts about files in that specific directory.

    – Jacob

Viewing 1 replies (of 1 total)
  • The topic ‘cache/xedmdvy4vnroflyJ.php file has changed – malware code injection?’ is closed to new replies.