• Resolved cossovel

    (@cossovel)


    Hi,

    I have a scan alert by Wordfence, only when W3 Total Cache is active:

    File contains suspected malware URL: wp-content/cache/object/0bc/493/0bc4931330**********cd6c6af23.php
    Bad URL: https://apps.caresearch.com.au/js/javascript-mini.js
    Details: This file contains a URL that is currently listed on Wordfence’s domain blacklist. The URL is: https://apps.caresearch.com.au/js/javascript-mini.js

    I tried deleting and re-installing the plugin, but the alert persist in new scans.

    WP and theme: last version updated
    Other plugins: all disabled except by Wordfence and W3 Total Cache

    Thank you

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @cossovel

    I am sorry about the issue you are experiencing and I am happy to assist you with this.
    W3 Total Cache is not the cause of the Wordfence alert. On the contrary, W3 Total Cache is helping to identify where the problem is. As you can see when you open the mentioned file https://apps.caresearch.com.au/js/javascript-mini.js, it contains the following URL that is blacklisted by the Wordfence https://4ksudckusdkc.space/r?token=1c9439dba7071b92aa08f6e1fbcb757b7fb6d482
    SO the issue is within the file itself and not W3 Total Cache as W3 Total Cache does not generate that file.
    Thank you!

    Thread Starter cossovel

    (@cossovel)

    Hi Marko,

    thank you for your answer.

    Since that .js file is an external file (caresearch.com is not my site’s domain), I guess that the suspected code is detected by Wordfence only in compressed/cached file, because in no-compressed file Wordfence is unable to see it.
    Have I correctly understood?

    Thank you thousands!

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @cossovel

    Yes, that is correct.
    Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Alert by Wordfence’ is closed to new replies.