• Resolved beyoyo2


    Received note from GoDaddy regarding my site.

    They say this file is malicious… if I remove it do I risk breaking WordFence?

    rex.xor_warnings.001 – html/mywebsite/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi @beyoyo2

    Please send a copy of this file “wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php” to “alaa [at] wordfence [dot] com”, our team would like to investigate that copy on your site.


    I got the same notification from GoDaddy for the same file. Was there any resolution for this?


    I also received notice on the same file from Godaddy.

    rex.xor_warnings.001 – html/domainnamehere/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php

    WordFence Version 7.1.12

    • This reply was modified 1 year, 10 months ago by SandyMe.
    • This reply was modified 1 year, 10 months ago by SandyMe.

    I ran a comparison of the file.php file on Godaddy with the file.php I just downloaded from wordpress.org and they are identical.

    I also compared the file that had been sent in with the same file in the WordPress repository and they match. So it seems this is is a false positive. I don’t know what the rex.xor_warnings.001 rule matches on.

    For those of you that are hosted with GoDaddy, if you could ask them to look in to why that rule (rex.xor_warnings.001) is matching on that file, that would be great. If you want to share it here in the forum for the benefit of other users who may be getting the same warning, feel free to do so. If you would rather send in information privately, you can reach me via asa@wordfence.com. Make sure you reference this thread if you send anything in.


Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Malware’ is closed to new replies.