Support » Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening » Core WordPress Files Were Modified after deleting a default theme

  • Resolved ale5000

    (@ale5000)


    It doesn’t make sense to check also default themes (and its language files) because themes (even default ones) can be updated without updating WordPress and they can also be removed so this check will likely fail.

    I get this errors after removing the default theme:
    wp-content/languages/themes/twentyseventeen-it_IT.mo
    wp-content/languages/themes/twentyseventeen-it_IT.po

    Please fix.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author yorman

    (@yorman)

    Those are Italian language files, they are not part of the official WordPress package, they were downloaded by the system when you went to the settings page and changed the language of your website, but they are not part of the official installation, that’s why the plugin is flagging them.

    Please fix

    This is not a bug, it’s a feature request.

    You can select these files and choose the option “Mark As Fixed” which will do exactly what you are suggesting, but only in your own website. Other people will prefer to keep receiving these notifications, so implementing your suggestion in the code is a bad idea. The option to mark a file as “fixed” was designed specifically for edge cases like yours, where the website owner believes that the flagged files are harmless, and so they can force the plugin to ignore them in future scans.

    Marking as resolved, feel free to re-open if you need more information.

    @yorman
    Maybe I haven’t explained it correctly.

    I have removed the default themes so the files of the language of the theme no longer exist and the plugin complain.

    This behaviour doesn’t make sense.
    It doesn’t complains that the theme doesn’t exist but complain that the language of the theme doesn’t exist, both things are listed here: https://api.wordpress.org/core/checksums/1.0/?version=4.8.2&locale=it_IT

    I also have the same problem. The default theme was deleted in a wordpress update and I keep getting alert emails about the .po files being deleted, yet I can’t find a way to add them on the ignore list, as the sucuri Dashboard shows everything is OK (even though I’ve been getting emails for WEEKS.

    So, how do I add them if there’s no button or panel to do it for some weird reason?

    Plugin Author yorman

    (@yorman)

    @harzens — the code that sends the email notifications uses the same code that prints the data into the plugin’s dashboard, so it is a mystery to me how can you receive email notifications about these files but cannot see them in the dashboard.

    @ale5000 — I understand your idea now, I will see what can be done, thank you.

    I will mark as non-resolved for now while I investigate.

    Thanks 🙂

    @yorman I’ve no idea what’s happening, this is what it looks like : https://i.imgur.com/q8CrmLq.png

    I might have to end up downloading those lang files just to avoid the ‘core check’ alerts. I also tried later to re-add an ignored file, sucuri recognized the ‘change’ now but the .PO still missing from the file selection.

    Plugin Author yorman

    (@yorman)

    @harzens — thank you for the screenshot and the explanation.

    I will work on this now and try to get a patch for the end of the day.

    Thank you for your patience.

    Plugin Author yorman

    (@yorman)

    Hello @ale5000@harzens I already worked on this case, the fix is already in our development repository [1], but I cannot release a new version of the plugin before the QA testing is finished, my co-workers are still reviewing the changes, not only for this bug but also for other things that we decided to modify since the last version.

    Feel free to install the development version of the plugin for now [2].

    [1] https://github.com/cixtor/sucuri-wordpress-plugin/commit/b88fd35
    [2] https://github.com/cixtor/sucuri-wordpress-plugin

    It works fine, thanks.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Core WordPress Files Were Modified after deleting a default theme’ is closed to new replies.