Support » Plugin: iThemes Security (formerly Better WP Security) » iThemes file flagged as malware

  • I just got this notice from our host:

    We recently completed a routine security checkup of our servers and platforms. Our scans flagged your xxxxxx.xxx hosting accounts as containing possible malware.

    Please sign in to your hosting account and review the following content and remove or fix the files listed below:

    public_html/care/wp-content/plugins/better-wp-security/core/lib/itsec-zxcvbn-php/matchers/ranked_frequency_list-passwords.json

    Is this really malware or have servers been incorrectly identifying it as malware?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Was that on GoDaddy? I got a similar message on a site hosted on GoDaddy.

    @candeeg and @jwiere03

    Irregardless who the hosting company is, this is clearly a false positive.

    Open the file and all you’ll see is 30000 ranked plain text passwords …

    Even better, read the wp-content/plugins/better-wp-security/core/lib/itsec-zxcvbn-php/readme.md file and learn what zxcvbn uses it for …

    Also happened to me in A2Hosting.
    I just told them is a false positive

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘iThemes file flagged as malware’ is closed to new replies.