Support » Plugin: Shield Security: Protection with Smarter Automation » Hack guard options doesn’t work

  • Resolved mengeco

    (@mengeco)


    Hello,

    At the root of my site, I modified the page index.php to redirect my site to a subfolder:
    require (dirname (__FILE__). ‘/SITE-ONE-PAGE/wp-blog-header.php’);

    In shield security> Hack guard: I set only “Email report only” and add the index.php page in “Files exclusion” (https://snipboard.io/ab8KsV.jpg)

    But when I receive the email of shield security (https://snipboard.io/SedaMA.jpg), my page index.php is replaced and me link and reset:
    require (dirname (__FILE__). ‘/wp-blog-header.php’);

    How to prevent Shiel Security from removing / resetting my index.php page?

    Best Regards

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author One Dollar Plugin

    (@onedollarplugin)

    Hi,

    This was covered in detail in your previous ticket. You will need to read the links that we provided so that you understand exactly what the scans are doing and to what exactly the exclusion rules apply.

    Please re-read our response carefully as our response to this will be identical.

    https://wordpress.org/support/topic/index-php-in-file-exclusions/

    Thank you for your quick response.

    I opened a new post because I think I was not clear enough the first time.

    I read your tutorials and I did not understand the difference between the scan “Core file” and “unrecognized files”

    If “Core Files” is enabled, my “index.php” file will be deleted in any case, and even if I disable “Automatically Repair WordPress Core Files …”.

    But in “Unrecognized files”, if I select “Automatically delete files” and I place “index.php” in “Files exclusion”, will my file “index.php” be deleted?

    The ideal for me, would be to benefit from the tool “Core Files” without removing the page “index.php”, is it possible?

    Thanks

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    Start with the Core Files.

    1. Download the WordPress ZIP file from WordPress.org and look at those files.
    2. Examine each file and compare it to the files on your WordPress site.
    3. If the file is different, the scanner alerts. Because it shouldn’t be different.

    This is what the Core File scanner does.

    Now, unrecognised file scanner. If you know what all the correct core files are, then you know what files SHOULDN’T be there. That is the unrecognised core file scanner.

    Is your index.php file found in the WordPress ZIP? If yes, then it’s treated by the core file scanner. If not, then it’s treated by the unrecognised file scanner.

    Since your index.php IS part of the ZIP, then it’s treated by the Core File scanner.

    Exclusions are for the unrecognised file scanner. This has nothing to do with the core file scanner.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.