WordPress.org

Support

Support » Plugins and Hacks » Wordfence Security » [Resolved] Warning message without details?

[Resolved] Warning message without details?

  • How am I supposed to know which files may contain malicious executable code? Anything I’m overlooking here?

    Wordfence found the following new issues on “Food & Chatter”.

    NOTE: Upgrading to the paid version of Wordfence gives you two factor authentication (sign-in via cellphone)
    and country blocking which are both effective methods to block attacks.
    You can also schedule when your scans occur with Wordfence Premium.
    Click here to sign-up for the Premium version of Wordfence now.
    https://www.wordfence.com/wordfence-signup/

    Alert generated at Tuesday 4th of February 2014 at 03:35:53 PM
    Critical Problems:

    * This file may contain malicious executable code
    * This file may contain malicious executable code
    * This file may contain malicious executable code

    https://wordpress.org/plugins/wordfence/

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author Wordfence

    @mmaunder

    There should be a list at the bottom of that page.

    Also please upgrade, you’re running an older version of Wordfence. This is not what the email for WF 4.0.3 looks like where we removed that ad at the top.

    Regards,

    Mark.

    THX but I posted the entirety of that email. I already upgraded Wordfence, wasn’t sure the problem was fixed. Lets see if the next warnings show the files affected.

    Plugin Author Wordfence

    @mmaunder

    I do apologize, another poster alerted me to the fact that we’d forgotten to remove that from another part of the code. It’s been fixed now and will go out with the next release which should be some time next week. In the mean time you can edit the following file and remove it yourself if you’d like:

    lib/email_newIssues.php

    Regards,

    Mark.

    hm, just got another email that looked like that:

    Wordfence found the following new issues on "rum-reisen.de".
    
    NOTE: Upgrading to the paid version of Wordfence gives you two factor authentication (sign-in via cellphone)
    and country blocking which are both effective methods to block attacks.
    You can also schedule when your scans occur with Wordfence Premium.
    Click here to sign-up for the Premium version of Wordfence now.
    
    Wordfence Signup
    Alert generated at Tuesday 11th of March 2014 at 12:14:50 AM Critical Problems: * This file may contain malicious executable code

    Running Wordfence Version 4.0.3

    In addition to that, after visiting my WF panel, I see apparently 3 issues: http://screencast.com/t/dXTvdpLLcqEf

    But they are nowhere to be seen: http://screencast.com/t/vwCqAN6S

    Plugin Author Wordfence

    @mmaunder

    Yes this issue is still in the current version and it’s slated for removal in the next release which will be out in a few days.

    Regards,

    Mark.

    Having this issue in the current WF version, can anyone confirm?

    This is what it looks like, happening with the latest WF version as of right now:

    This email was sent from your website “pacura.ru” by the Wordfence plugin.

    Wordfence found the following new issues on “pacura.ru”.

    Alert generated at Sunday 6th of July 2014 at 11:52:34 PM
    Critical Problems:

    * This file may contain malicious executable code

    NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
    two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
    A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
    several additional website infections. Premium members can also schedule when website scans occur and
    can scan more than once per day.

    As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
    priority support tickets using our ticketing system.

    Click here to sign-up for the Premium version of Wordfence now.
    https://www.wordfence.com/wordfence-signup/

    Your earlier screenshot shows only the Scan Summary. On the same (Scan) page, does the New Issues section at the bottom provide any more information?

    I don’t recall if the Scan Details window would show the error.

    And if all else fails, turn on Debugging and see if the Scan Details window provides more information.

    That screen shot is 5 months old so I cannot remember but right now it does provide more info…
    Its just missing from the email.

    Plugin Author Wordfence

    @mmaunder

    Thanks for the report. We have found and fixed this issue and it will be released in the next version of Wordfence.

    To be clear, the issue you reported is that Wordfence did not specify the file that contains malicious code in the email alert. This has been fixed and will be released in Wordfence 5.1.6.

    Regards,

    Mark.

    correct and thanks for taking care of it.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘[Resolved] Warning message without details?’ is closed to new replies.
Skip to toolbar