Every once in awhile, I’ll get email alerts from Wordfence that one or more core WordPress files have been modified. Often times, I’ll get the same alerts for multiple different sites at the same time concerning the same files.
This week I keep getting alerts as follows:
* WordPress core file modified: wp-includes/comment.php
* WordPress core file modified: wp-includes/formatting.php
When I look at the changes to the files, it doesn’t SEEM like anything terrible, but at the same time, I’m not a PHP guru, so it leaves some room for concern.
I guess I would just like to understand more about these alerts. If I am the only one with access to the files and I didn’t make these changes (nor did my host), what could cause these alerts apart from a hacker? Can updates to WordPress itself cause this sort of alert but not be a cause for concern?
- The topic ‘When are modified core files a concern?’ is closed to new replies.