"File contains suspected malware"

  • LMD99

    (@lmd99)


    7 years, 8 months ago

    I’ve received this “critical” warning on an IP which is listed in the webalizer stats.

    Correct me if I’m wrong, but is this not more of a warning that someone/bot from the IP below just accessed a page on our site?

    Filename: stats/webalizer.current
    Bad URL: http://5.196.31.7/
    File type: Not a core, theme or plugin file.
    Issue first detected: 47 secs ago.
    Severity: Critical
    Status New

    This file contains a suspected malware URL listed on Google’s list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: http://5.196.31.7/ – More info available at Google Safe Browsing diagnostic page.

    https://wordpress.org/plugins/wordfence/

Viewing 1 replies (of 1 total)
  • wfalaa

    (@wfalaa)

    7 years, 8 months ago

    Hi LMD99,
    This message means that Wordfence found this URL -which is classified as malware in Google’s list of malware websites- in this file “webalizer.current” which is generated by “webalizer”, so most probably this IP visited/crawled your website at least for one time.

    It will be nice if you can edit this log file and delete this entry, otherwise you can block this IP manually from (Wordfence > Blocked IPs).

    Thanks.

Viewing 1 replies (of 1 total)
  • The topic ‘"File contains suspected malware"’ is closed to new replies.