21 file changes in Wordfence, but no update?
-
I received a notice today of changes in 21 files in the Wordfence plugin area. Some were code changes in PHP files; others were changed version numbers and what seemed like minor changes; others were a mystery as to what they did. This has happened before (changes in various files, not just Wordfence), just not on this scale.
I would have thought that if a plugin’s files were to change, it would be done through an update, not by the developer reaching into my site and just tweaking changes. I did have it on automatic updates, but I received no noticed about any updates since the WP update last Thursday to 4.6.1. (2 days before the timing of the file changes, according to the Wordfence scan). There was no notice of any logins other than mine when I went to check on it today. So I’m confused.
I got creeped out by this and since it was only a development site for testing plugins anyway, I deleted the site. But it still leaves me wondering what happened here. What exactly happens when I get a notice of seemingly minor (or even significant) file changes from Wordfence, yet no notice of an update that would explain the changes? And if this is just “normal” then how do I know when (what seems like) “backdoor” changes are legitimate and when they are not?
Thanks in advance for the help.
- The topic ‘21 file changes in Wordfence, but no update?’ is closed to new replies.
