Support » Plugin: Wordfence Security - Firewall, Malware Scan, and Login Security » Weird issue: WF not detecting a file change

  • Resolved ellmann creative

    (@ellmanncreative)


    Hey there. Small issue I thought I should let you know about.

    Redux updated recently, and since it’s loading pluggable.php early – it broke plugins trying to declare wp_mail(). The interim fix is to edit a file located here:

    /wp-includes/plugins/redux-core/inc/classes/class-redux-functions-ex.php

    and comment out line 587.

    We applied this fix to both our Live and Staging sites (after confirming it doesn’t cause issues). Since WordFence is famous for detecting file changes and such, we decided to run scans on both to avoid the e-mail down the line, and add them to “until file changes” exceptions.

    For some reason, both scans came back clean. WordFence did not detect this change.

    My Redux is bundled with the theme, I think. It’s certainly enforced by the theme and the website plain doesn’t work without it, so I assume that’s the case. It is also available on wordpress.org however.

    Just thought you might want to know about this.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @ellmanncreative

    Can you provide a link for where the plugin with the slug redux-core is obtained from please.

    Thread Starter ellmann creative

    (@ellmanncreative)

    My apologies, I missed a bit of the path. The correct path (with the missing slug part “redux-framework”) is:

    /wp-includes/plugins/redux-framework/redux-core/inc/classes/class-redux-functions-ex.php

    The plugin itself is located at: https://wordpress.org/plugins/redux-framework/

    Now I feel silly! ๐Ÿ˜€

    Plugin Support wfphil

    (@wfphil)

    Hi @ellmanncreative

    Thanks for the update and no need to say sorry!

    Your installation of the plugin is in:

    /wp-includes/plugins/

    My installation of the plugin is in:

    /wp-content/plugins/

    The scanner currently will only detect file changes for plugins that are installed in the default location for plugins.

    If you have used the WordPress WP_PLUGIN_DIR constant to change the location of the plugins directory then we do intend to add functionality for scanning a custom plugins directory in the future and it will be listed in our changelog:

    https://wordpress.org/plugins/wordfence/#developers

    Thread Starter ellmann creative

    (@ellmanncreative)

    You know what? I’m working from home with a bad case of something and I’m embarrassing myself with mistakes like this. Of course I meant /wp-content. Don’t know where I got /wp-includes from.

    Can we remove this thread, so that the world forgets about this? ๐Ÿ™

    Plugin Support wfphil

    (@wfphil)

    Hi @ellmanncreative

    Apologies for the late reply as I have been away on holiday and one of my colleagues didn’t pick it up.

    Thank you for the update.

    If you are happy to reply are you still getting the result?

    If you are running the Standard Scan mode then note that the option Scan plugin files against repository versions for changes is disabled and would explain why the file change is not detected.

    Thread Starter ellmann creative

    (@ellmanncreative)

    We were experiencing this on two sites, but since the plugin’s been updated since then, we’re not currently experiencing the issue.

    Both affected sites are running scans in Custom mode, with all free settings enabled – excepting the password strength scan (our client demands their password is used for their account, and I was tired of getting a notification about it)

    Thread Starter ellmann creative

    (@ellmanncreative)

    I just tested this (by modifying both the previously affected file and an unrelated file), and WF picked both changes up without issue now.

    It is possible that the change we made in the file somehow ended up reflecting some “interim change” they’ve made in the repository (if such was actually made) at the time of our scans… or something, and our modified files actually matched what wp-org had on record… I’m not sure.

    All I know for sure is that: a) it didn’t say a thing about the change, and b) the change was there (I put it there myself). That’s really all I know, to be honest. Only mentioned it because I thought it might be of value to you guys – even if only as a “prior incident” sort of thing, at a later date.

    Oh, and I should probably mark this as “Not a support question”. ๐Ÿ™‚

    Plugin Support wfphil

    (@wfphil)

    Hi @ellmanncreative

    Thank you for the update that it is working now.

    It is possible that we hadn’t generated hashes of the files for the latest release of that plugin to match against your file changes.

    Also, no need to set a “not a support” tag as it was a valid support request.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Weird issue: WF not detecting a file change’ is closed to new replies.