• We get occasional false positive “malicious file uploads” on an Gravity Form application we use which requests attachments of certain PDF files and JPEGs. We’re wondering what causes this and how we can avoid these. When we are sent the files, they are normal/harmless PDFs and JPEGS

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jgold723, thanks for getting in touch!

    There are usually 3 possible firewall rules involved when somebody uploads a file to your site: “Malicious File Upload“, “Malicious File Upload (Patterns)”, or “Malicious File Upload (PHP)“.

    There are layers to how uploaded files are checked by Wordfence. False-positives can occur from time-to-time as documents or image files can easily match malicious PHP code patterns when viewed as plain text. If you turn off the rule that you’ve been seeing in Live Traffic via Wordfence > All Options > Advanced Firewall Options > Rules, a different stage of the checking process will still scan the files and be able to flag legitimate issues in future.

    Many thanks,
    Peter.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.