Title: Worrying security scan result
Last modified: August 31, 2016

---

# Worrying security scan result

 *  [maxmynorm](https://wordpress.org/support/users/maxmynorm/)
 * (@maxmynorm)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/)
 * I’ve just added the Wordfence security plugin and run the first scan on my site(
   which uses the latest versions of the Newspaper theme and WordPress) which showed
   the following result;
 * ****************************************
 * File appears to be malicious: wp-includes/js/plupload/instal1.php
    Filename: 
   wp-includes/js/plupload/instal1.php File type: Not a core, theme or plugin file.
 * Severity: Critical
    Status New This file appears to be installed by a hacker 
   to perform malicious activity. If you know about this file you can choose to 
   ignore it to exclude it from future scans. The text we found in this file that
   matches a known malicious file is: “”find all suid files””.
 * *******************************************
 * I’m not a techie by any means, and I’ve tried to find out as much as poss through
   my hosting company and tagDiv support, but I still can’t work out if this is 
   a genuine threat or not.
 * Any clues out there?
 * Thank you in advance!

Viewing 8 replies - 1 through 8 (of 8 total)

 *  [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * (@songdogtech)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055462)
 * instal1.php is def. not a legitimate WordPress file.
 * Carefully follow [https://codex.wordpress.org/FAQ_My_site_was_hacked](https://codex.wordpress.org/FAQ_My_site_was_hacked)
 * Then take a look at the recommended security measures in [Hardening WordPress – WordPress Codex](https://codex.wordpress.org/Hardening_WordPress)
   and [Brute Force Attacks – WordPress Codex](http://codex.wordpress.org/Brute_Force_Attacks)
 * If you can’t do the work yourself, consider looking for a reputable person on
   [http://jobs.wordpress.net/](http://jobs.wordpress.net/) or [http://directory.codepoet.com](http://directory.codepoet.com)
   or [http://upwork.com](http://upwork.com)
 * _ (FYI, it’s **not** a good idea to respond to work offers from random forum 
   users who have read about your issues.)_
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055464)
 * These are legitimate points that Wordfence have raised
 *  Thread Starter [maxmynorm](https://wordpress.org/support/users/maxmynorm/)
 * (@maxmynorm)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055485)
 * Thank you songdogtech and Andrew.
 * This is so frustrating… I’m just a guy with a laptop who writes articles and 
   monetizes the site; I’m not a programmer hence the use of off-the-shelf packages.
 * I set my site up in mid November, and until the end of December it was going 
   great, but since then I’ve spent all of my time trying to defend myself against
   attacks and login attempts from people trying to somehow benefit from my time,
   effort and personal financial investment.
 * Is it possible to run a simple website without being a web-wizard with detailed
   programming or code-writing knowledge?!
 * I’ve got a meeting in a few days with a specialist – hopefully he can help and
   re-light my belief that this can work, because right now I’m thinking of throwing
   in the towel!
 * Thanks again.
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055487)
 * Maybe WordPress.com is a better solution for you: [https://en.support.wordpress.com/com-vs-org/](https://en.support.wordpress.com/com-vs-org/)
 *  [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * (@songdogtech)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055539)
 * Managed hosting like WordPress.com is secure against lots of the stuff you’re
   dealing with.
 *  Thread Starter [maxmynorm](https://wordpress.org/support/users/maxmynorm/)
 * (@maxmynorm)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055583)
 * I’m thinking it may be better to just switch to a .com hosted site. Can anyone
   tell me what costs are involved?
 * I understand the functionality may not be as broad as a .org site due to restrictions
   on plug-ins etc, but is there a way of finding out if my existing site will still
   be fully compatible?
 * It’s [http://www.maxmynorm.com](http://www.maxmynorm.com)
 * It is pretty basic – just a series of articles monetized by Adsense, Content.
   Ad and Advertis.com. There aren’t any transactional issues – I don’t sell any
   products through the site needing payments in any form.
 * The final thing I need to know is if I can switch to .com for hosting, will anyone
   be able to fix the issues I’m having right now, or do I still need the services
   of a web developer?
 *  Thread Starter [maxmynorm](https://wordpress.org/support/users/maxmynorm/)
 * (@maxmynorm)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055590)
 * I forgot to add to my last post above a few minutes ago;
 * In the results from the Wordfence scan which highlighted a potentially dangerous
   file (wp-includes/js/plupload/instal1.php), it gives the option to delete the
   file.
 * Forgive my complete ignorance, but is it safe to just hit the delete button? 
   I only ask as I’m not sure if the file might be a legitimate one which was included
   within the system, but has had malicious stuff added to it.
 * Thanks in advance!
 *  [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * (@songdogtech)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055597)
 * The file flagged by Wordfence is not a legit WP file; you can delete it, but 
   that’s not a complete fix for a hack; you need to read my links above.
 * And read [https://en.support.wordpress.com/com-vs-org/](https://en.support.wordpress.com/com-vs-org/)
   to see if you want to move to .com.
 * Adsense ads are not allowed on .com. [https://en.support.wordpress.com/advertising/](https://en.support.wordpress.com/advertising/)
 * Your current Newspaper theme is not available on .com [https://theme.wordpress.com/](https://theme.wordpress.com/)

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Worrying security scan result’ is closed to new replies.

## Tags

 * [malicious](https://wordpress.org/support/topic-tag/malicious/)
 * [plupload](https://wordpress.org/support/topic-tag/plupload/)
 * [scan](https://wordpress.org/support/topic-tag/scan/)
 * [wp-includes](https://wordpress.org/support/topic-tag/wp-includes/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 8 replies
 * 3 participants
 * Last reply from: [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * Last activity: [10 years, 5 months ago](https://wordpress.org/support/topic/worrying-security-scan-result/#post-7055597)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics
