When combining Wordfence with w3tc, the cached and compacted php files register as potentially malicious code given that they have . Since these cache files are regenerated and renamed constantly, this means every scan flags numerous errors. On average, I see 10-20 new false positives per scan.
An example of the specific issue:
This file may contain malicious executable code wp-content/cache/db/000000/3f2/981/839/3f29818398695347542685f1398d390d.php This file is a PHP executable file and contains a line 7578 characters long without spaces that may be encoded data along with functions that may be used to execute that code. If you know about this file you can choose to ignore it to exclude it from future scans.
Could there be an advanced setting to ignore a certain directory from the malicious executable code scan?
Thanks for an amazing plugin.