Support » Plugin: Shield Security: Protection with Smarter Automation » hack protection warnings problem

  • Resolved captainrogers

    (@captainrogers)


    I keep getting the following warning:

    The MD5 Checksum Hashes for following core files do not match the official WordPress.org Checksum Hashes:
    – wp-includes/js/tinymce/wp-tinymce.js.gz

    I have tried repairing the file via the Shield plugin and replacing the file via the Shield plugin. I have also manually replaced that file with a fresh download of wordpress. I also had the site scanned by Sucuri and they showed no corrupted files so I am assuming (hoping) this is a false positive. Any ideas why it keeps occurring and how to stop it?

    Thanks,

    Cap

    • This topic was modified 2 years, 3 months ago by  captainrogers.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Paul

    (@paultgoodchild)

    Ummm … I can’t imagine what’s going on here. The only thing I can think of is there’s something funny in your environment. Perhaps a old PHP version / windows hosting / something that’s causing the md5 of the zip? It’s no coincidence that it’s the only file of type .gz that ships with WordPress and it’s causing issues.

    Could you try downloading the file locally and running an md5 hash on it? The result you should get should be:
    191e12b07c0ba85b743a465e40c55183

    I’d be curious if you can match that md5 on your local computer. This would imply that the server hosting environment your site is on has an issue with the md5() of gzipped content.

    Hi Paul,

    Thanks for getting back to me. I’ve downloaded the file and ran an md5 hash via the terminal and the hash is totally different:

    49ac398149fba3c6b371184dcee93244

    The odd thing is that the site is using shared hosting and the same theme as several other sites that operate without this happening. I’ll ask the hosting company if they have any ideas.

    Thanks for a great plugin,

    Cap

    Plugin Author Paul

    (@paultgoodchild)

    very strange altogether… I’d be keen to hear what your host thinks.

    Keep me posted!
    Cheers

    Last night I reinstalled WordPress rather than just replacing the flagged file. I haven’t had the warning email this morning so hopefully that has sorted it.

    I asked the hosting company if they’d come across this or had any problems with gzip compression. They haven’t. We have several sites that use the same theme/plugins running on the same hosting/server and this was happening only on one site.

    Thank you for your help. Very much appreciated.

    Cap

    Plugin Author Paul

    (@paultgoodchild)

    Great, glad you got it sorted… and thanks for your efforts to work to resolve it with us! 🙂

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘hack protection warnings problem’ is closed to new replies.