WordPress.org

Forums

Wordfence Security
[resolved] False positive for core localised WordPress files (17 posts)

  1. andyexeter
    Member
    Posted 1 year ago #

    Hello,

    The plugin is reporting false positives for my en_GB WordPress install for the files:

    wp-config-sample.php
    wp-includes/version.php

    It appears the plugin is using the standard en_US distro to compare files against so for example when it encounters line 37 of wp-includes/version.php in en_GB distros:

    $wp_local_package = 'en_GB';

    The plugin assumes this to be a critical issue because that line isn't in the en_US distro

    http://wordpress.org/plugins/wordfence/

  2. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks, can you tell me what it's complaining about in the wp-config-sample.php file?

    Thanks.

  3. andyexeter
    Member
    Posted 1 year ago #

    No problem. It's line 72 of the wp-config-sample.php file

    The original:

    define('WPLANG', '');

    The en_GB distro:

    define('WPLANG', 'en_GB');

  4. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks I've filed this as a bug and we'll get it fixed for you. Thanks for the additional info.

    Regards,

    Mark
    PS: If you found this helpful, please rate Wordfence 5 stars.
    http://wordpress.org/plugins/wordfence/

  5. andyexeter
    Member
    Posted 1 year ago #

    You're welcome. 5 star rating and review posted. Excellent plugin!

  6. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks Andy.

  7. Reklawyks
    Member
    Posted 1 year ago #

    Hi,

    This false positive actually happens probably on all non english wordpress.

    Se below the alert (on a french WP)

    Critical Problems:

    * WordPress core file modified: readme.html
    * WordPress core file modified: wp-config-sample.php
    * WordPress core file modified: wp-includes/version.php

  8. monasoleil
    Member
    Posted 11 months ago #

    I guess its the same problem with the french version of wp... wordfence compares files with the english text.

    So I guess i can ignore those warning?

  9. monasoleil
    Member
    Posted 11 months ago #

    If I say to always ignore this will it keep in memory what I told the plugin to ignore and look for any farther changes in the future?

  10. BeaGent
    Member
    Posted 9 months ago #

    Same issue here - will this be updated?

  11. sws0926
    Member
    Posted 9 months ago #

    Actually I just got in on:

    $wp_local_package = 'en_US';

    line 37 of wp-includes/version.php

  12. kanenas
    Member
    Posted 9 months ago #

    Same issue here for Greek...

    wp-includes/version.php

    34	*/
    35	$required_mysql_version = '5.0';
    36
    37	$wp_local_package = 'el';
  13. Rob Golbeck
    Member
    Posted 8 months ago #

    Hi,

    Just chiming in, as I received the same Critical Problems warning this morning:

    wp-includes/version.php:

    $wp_local_package = 'en_CA';

    and readme.html had some text changes related to the Canadian English version.

  14. wesleymusgrove
    Member
    Posted 7 months ago #

    I also just received the same critical issue, except I'm running a US site so the local package is an empty string?

    wp-includes/version.php

    $required_mysql_version = '5.0';
    $wp_local_package = '';

    It's also complaining about @wp_mail being commented out:

    wp-admin/includes/upgrade.php

    292	https://wordpress.org/
    293	"), $blog_url, $name, $password);
    294
    295	   //@wp_mail($email, __('New WordPress Site'), $message);
    296	}
  15. andyexeter
    Member
    Posted 7 months ago #

    Wesley,

    I don't want to put words in the mouths of the developers but the warning about @wp_mail being commented out is definitely not a false positive because you've changed the contents of a core file

    Regarding your issue with the $wp_local_package = '' line, I checked a wp-includes/version.php file on a US distro I manage and it doesn't contain that variable, the bottom of the file looks like this:

    /**
     * Holds the required MySQL version
     *
     * @global string $required_mysql_version
     */
    $required_mysql_version = '5.0';

    Have you by any chance edited that file too?

  16. wesleymusgrove
    Member
    Posted 7 months ago #

    I haven't manually edited either of these files. These warnings are coming from two brand new installs of WordPress on GoDaddy's Managed WordPress hosting account. I literally set them up yesterday, installed Wordfence and got these warnings. Could it be that GoDaddy's Managed WordPress distro is altering core?

    It appears to only be preventing the initial admin email from being sent out after you first install WordPress, which the nature of how GoDaddy automatically creates an admin account for you and logs you in the first time nullifies the need for the email.

    This may be a case where I just need to ignore these warnings unless further unauthorized changes take place in these files.

  17. andyexeter
    Member
    Posted 7 months ago #

    It does sound like they're distributing a modified version of the core. If that's the case I don't think we can expect WordFence to account for this because there could be a never ending list of changes different hosts/providers make

    I think you're right in saying that you should just ignore these warnings, WordFence did its job correctly by informing you of changes to core files and after investigation you've concluded that it's not a problem and can be safely ignored

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Wordfence Security
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic