Support » Plugin: Shield Security: Protection with Smarter Automation » index.php in “File Exclusions”

  • Resolved mengeco

    (@mengeco)


    Hello,

    Hack Guard> Unrecognised files :

    I used index.php to redirect my site to another folder.

    To prevent this file from being deleted by Shield Security, I added “index.php” to the “File Exclusions” list.

    Is it dangerous?

    Thanks !

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author One Dollar Plugin

    (@onedollarplugin)

    If you know and trust your index.php file, then adding it as an exclusion is totally fine. This is the exact purpose of using exclusions so you can do just as you describe.

    ok, thanks !!!

    Hello,

    I added “index.php” in the exclusion zone but my index.php page was reset by Shield security : https://snag.gy/1wr5nj.jpg

    I made several tests but index.php is always replaced by the plugin.

    I hope I will not have to uninstall Shield security

    Thanks

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    The file exclusions options is listed under the unrecognised file scanner, not the core file scanner. To learn more about what this scan does, please read here:
    https://icontrolwp.freshdesk.com/support/solutions/articles/3000069910

    You’ll learn that there is no file reset/replacement by this scanner. The scanner that does the replacement is the WP Core file scanner which looks at legitimate core files and determines if they are the same as the originals.

    If your index.php file is different, and it was shipped with WP, and you’ve set to automatically restore WP core files, then it will be replaced.

    Your options are:
    – don’t use the WP core file scanner, or
    – don’t automatically repair files, or
    – don’t change any core files including the index.php file that is shipped with WP. (if you want to redirect, then use something like .htaccess rules to achieve this).

    Thanks.

    mengeco

    (@mengeco)

    Thank you for your reply.

    I used the option “unrecognized files” and entered “index.php” in “File exclusions” (see screenshot please https://snag.gy/1wr5nj.jpg), why the file “index.php” is still replaced? Is it correctly entered?

    For the moment, I have defined “email report only” but the “Auto delete file and mail report” option is interesting, if the file index.php is not replaced.

    Thanks !

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.