Block unauthorized access to load-scripts.php and load-styles.php only temporary

  • Support,

    I installed WP-Cerber to protect against CVE-2018-6389. I see the entry in .htaccess and when I test the vulnerability it is blocked. But it only seems to be temporary. After a few days, our vulnerability scanner flags the issue again. If I test I see the vulnerability again too. So then I log in to wp-admin, and go to the WP-Cerber Hardening page. I see that “Block unauthorized access to load-scripts.php and load-styles.php” is active, but I have to click save, then the vulnerability goes away again. This is great but it will show up again in a few days. Is there anything I can do to make the protection permanant?

    Thank you

Viewing 1 replies (of 1 total)
  • Thread Starter alligatornest

    (@alligatornest)

    Support,

    Just to follow up on this: this morning I downloaded the .htaccess file and the load-scripts protection entry was missing again (see below). So I logged in to admin, clicked save, and the load-scripts lines were back.

    # BEGIN WP CERBER GROOVE
    # Protection of admin scripts is enabled (CVE-2018-6389)

    # END WP CERBER GROOVE`

Viewing 1 replies (of 1 total)
  • The topic ‘Block unauthorized access to load-scripts.php and load-styles.php only temporary’ is closed to new replies.