• Resolved goatherd999

    (@goatherd999)



    Today I received the following notification fromm securi:-

    Information:
    Alert Time: 6th July 2016 1:37 pm

    Website Information:
    Site: http://alpujarraenterprises.com/newsletter
    IP Address: 216.198.218.170

    Notification Message:
    Changes in the integrity of your core files were detected, you may want to check each file to determine if they were infected with malicious code. The WordPress core directories /<root>, /wp-admin and /wp-includes are the only ones being scanned; the content, uploads, and custom directories are not part of the official archives so you have to check them manually.
    Core integrity (2 files)
    Status File Size Modified At File Path
    added ~235.00B 4th February 2016 4:49 pm .htaccesss
    added ~34.00B 14th December 2013 7:58 am fantversion.php
    Note. This is not a malware scanner but an integrity checker which is a completely different thing, if you want to check if your site is generating malicious code then use the malware scan tool. If you see the text “must be fixed manually” in any of these files that means that they do not have write permissions so you can not fix them using this tool. Access the admin area of your website to fix these files.

    So I tried to login on to wp on the site. Password not recognised…. put the correct pass in still not working, then requested new pass, put this in and was locked out. Went to PHP Myadmin and changed pass, tried again to login, password still not correct, now too many login attempts so locked out!!!! still locked out, still the same! What can I do????

    https://wordpress.org/plugins/sucuri-scanner/

Viewing 1 replies (of 1 total)
  • Plugin Author yorman

    (@yorman)

    I don’t see anything malicious in the email alert that you received from the plugin, that file “.htaccesss” is irrelevant because the extra “S” at the end makes Apache to ignore the rules defined there, unless you have changed the configuration of the web server to read the rules from a non-standard access control file.

    The file “fantversion.php” is very common in some shared hosting accounts, I don’t really know what is in that file, I will let you decide if you want to delete it or mark it as fixed if you consider it is a false/positive.

    Regarding the “locked out” thing, the Sucuri WordPress plugin does not provides a mechanism to lock user authentications per number of failed logins, it includes a tool to block the user authentication completely for usernames specified by an admin, but what you are describing is different. I know other plugins like “Wordfence” and “Better WP Security” have that, so I suggest you to contact them in order to get a solution for the problem that you are facing; I think you can simply wait a couple of minutes and the locked out message will disappear.

Viewing 1 replies (of 1 total)
  • The topic ‘Locked out of my site….’ is closed to new replies.