Unknown file in WordPress core
-
Hi guys read you’re experience this issue before.
Since yesterday I get this alert:
* Unknown file in WordPress core: wp-admin/includes/upgrade.php.orig
* Unknown file in WordPress core: wp-admin/plugin-uploader.php
* Unknown file in WordPress core: wp-admin/theme-uploader.php
* Unknown file in WordPress core: wp-admin/uploader/pclzip.lib.php
* Unknown file in WordPress core: wp-admin/uploader/upload.php
* Unknown file in WordPress core: wp-includes/functions.php.orig
I should ignore this?
thanks
-
Hi All,
My reply will cover three main questions:#1 Are these files included in WordPress core?
Short answer, no, they are not.
You can download a recent WordPress version from here and you will find these files do not exist, or check the official WordPress repository on Github.#2 Why are these files on my server then!?
There are many possibilities here:
– These files may be traces of old WordPress versions that were not removed after an update.
– They could be incorrectly included in a web panelβs one-click installer (cPanel, Plesk etc…)
– On some of your posts above, these files seems to be a backup version of your current WordPress files. I am not sure if this was done manually or by a script run by your web host.
– Finally, your website may have been compromised and the hacker injected these files into wp-admin and wp-includes folders.#3 What should I do now?
– Ask your hosting provider if you can replace your current WordPress folders / files (except the wp-content folder) with a recent version directly downloaded from WordPress.org.
– You can simply ignore these warnings if your hosting recognizes these files.
– Also keep watching for such files that should be excluded from our searches in future updates to avoid such warnings. Please let us know if you think there is a false-positive result in this list (always compare to the same version of WordPress installed on your website with a pure copy downloaded from WordPress.org).
– Feel free to email us these files for further investigation at “samples [at] wordfence [dot] com”.Thanks.
Thanks wfalaa, we’ll keep our eyes open first of all, besides getting rid of those ‘unofficial’ files. Best wishes!
Hi there Wordfencers & @wfalaa!
Since today I have this notice:
“Notice: Undefined index: coreUnknown in /home/boox/domains/booxalive.nl/public_html/wp-content/plugins/wordfence/lib/wordfenceHash.php on line 141”
Is this similar to what you all are speaking about?
To me, it seems something directly related to the Wordfence plugin.
As I am new to maintaining a website, I really don’t know how to handle these things.Hope somebody can relieve my anxieties…
Greetz from Amsterdam, Magda
I did an upgrade to Wordfence recently and started getting the following from the recent scan. All of these files have been on the system for a good while, some from last year, and went through previous scans with no issues. What’s up?
————————————————–
Alert generated at Wednesday 27th of July 2016 at 03:01:09 PM
Warnings:
* Unknown file in WordPress core: wp-admin/js/wp-fullscreen.js
* Unknown file in WordPress core: wp-admin/js/wp-fullscreen.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.accordion.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.autocomplete.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.button.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.core.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.dialog.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.draggable.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.droppable.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-blind.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-bounce.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-clip.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-drop.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-explode.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-fade.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-fold.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-highlight.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-pulsate.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-scale.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-shake.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-slide.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect-transfer.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.effect.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.menu.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.mouse.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.position.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.resizable.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.selectable.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.slider.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.sortable.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.spinner.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.tabs.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.tooltip.min.js
* Unknown file in WordPress core: wp-includes/js/jquery/ui/jquery.ui.widget.min.js
* Unknown file in WordPress core: wp-includes/js/tinymce/plugins/wpfullscreen/plugin.js
* Unknown file in WordPress core: wp-includes/js/tinymce/plugins/wpfullscreen/plugin.min.js
* Unknown file in WordPress core: wp-includes/js/tinymce/skins/wordpress/images/dashicon-no-alt.png
* Unknown file in WordPress core: wp-includes/js/tinymce/wp-mce-help.php
* Unknown file in WordPress core: wp-includes/theme-compat/comments-popup.php
I too seem to be a victim of whatever Wordfence is doing, but my warning is a little different than what others have posted. Probably because I’m using a Synology server. This is just a small sampling of the huge list of files I received that were flagged. This ONLY happened after the last Wordfence upgrade.
This email was sent from your website “My Website Name” by the Wordfence plugin.
Wordfence found the following new issues on “My Website Name”.
Alert generated at Tuesday 26th of July 2016 at 09:39:27 PMWarnings:
* Unknown file in WordPress core: wp-admin/@eaDir/about.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin-ajax.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin-footer.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin-functions.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin-header.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin-post.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/admin.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/async-upload.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/comment.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/credits.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/css@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/custom-background.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/custom-header.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/customize.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-comments.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-form-advanced.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-form-comment.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-link-form.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-tag-form.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit-tags.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/edit.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/export.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/freedoms.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/images@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/import.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/includes@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/index.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/install-helper.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/install.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/js@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/link-add.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/link-manager.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/link-parse-opml.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/link.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/load-scripts.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/load-styles.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/maint@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/media-new.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/media-upload.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/media.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/menu-header.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/menu.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/moderation.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-admin.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-delete-site.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-edit.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-options.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-sites.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-themes.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-upgrade-network.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/ms-users.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/my-sites.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/nav-menus.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/network.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/network@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-discussion.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-general.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-head.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-media.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-permalink.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-reading.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options-writing.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/options.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/plugin-editor.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/plugin-install.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/plugins.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/post-new.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/post.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/press-this.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/profile.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/revision.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/setup-config.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/theme-editor.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/theme-install.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/themes.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/tools.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/update-core.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/update.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/upgrade-functions.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/upgrade.php@SynoEAStream
* Unknown file in WordPress core: wp-admin/@eaDir/upload.php@SynoEAStream
@bonaventuradibello thanks!
@magdigit No, this is a different problem, please check my reply here.
@umeweall Please make sure you checked my previous reply here, and in case you don’t want to see these warnings any more you can turn off “Scan wp-admin and wp-includes for files not bundled with WordPress” option under (Wordfence > Options => Scans to include) till you check these files (which seems to be just traces of an old WordPress version).
@idealynx That’s interesting, can you confirm if the list contains -roughly- all files in wp-admin / wp-includes? this seems to be something specific to Synology server, I will discuss that with our team.
Thanks.
O.k., thanks, I will have a talk with GoDaddy about them, as I do have a managed system.
I forgot to mention an item. The question still is why is Wordfence picking the files up as a problem, when these files when through previous scans, without the files being declared as an issue. I saw a date of Oct., 2015, for one of the files. It had been through many scans in the past. Something changed in the recent update, which caused these files to get challenged and reported. The question is why.
@umeweall yes, that’s because “Scan wp-admin and wp-includes for files not bundled with WordPress” option under (Wordfence > Options => Scans to include) was introduced since version “6.1.11”.
Thanks.
I guess this is the right answer then:
– You can simply ignore these warnings if your hosting recognises these files.
I’ll put those in ignore as they’re added by Plesk.
cheers
Hi all,
Just checking, cause I have been getting the same warning today for one file since the update of Wordfence.
Unknown file in WordPress core: wp-admin/LOG_FILEJust to be sure: I should do nothing?
Or should I contact my hosting provider to ask them if there is anything to worry about?I’d rather not have to contact them every day/week or worry about things that are not problematic, so I would love to know how to proceed. Bit if a newbie with all this still and someone else installed my website for me on the server. Thanks for any advice offered.
KP
Thanks @wfalaa for your replies – they helped in uderstanding what has happened & why.
Thanks for this – somewhat reassuring, though a nuisance to verify all the additional files with the theme developer who has, I suspect, put a lot of files in the wrong the wrong places π Won’t be using that theme again!
One question though – once I have verified that all the extra files were put there by the theme, if I click “ignore all new issues”, is that equivalent to a bulk “Always ignore this file” or “Ignore until the file changes”? I don’t really want a load of files sitting in my core that WordFence isn’t scanning for future intrusions.
Thanks.
….Unknown file in WordPress core: wp-….
I upgraded to WF 6.1.12 yesterday 8/2 a 1:30 pm and the email sent to me at 2:34 am today showed 1,040 files with the above name prefix. I’m happy to send the list to someone from Word Press so you can tell me if I can ignore the warnings, or if I should delete the files. Or if I should ask my host to replace the WP installation.
@toniharvey kindly, check my previous reply here to get a better idea about how you can judge if these files are original WordPress files or not, also you will find an email which you can use to send us this list for further investigation.
@wwwolf It’s not recommended to have such theme-related files in (wp-includes/wp-admin) directories, please contact your theme developer about, till this got resolved by your theme developer you can choose “Ignore until the file changes” for now.
@kalopaidi this seems to be a log file, you can open it and make sure all the entries there are just error/access logs before ignoring this file.
Thanks.
- The topic ‘Unknown file in WordPress core’ is closed to new replies.
