config-synced.php malicious

  • Resolved Rhand

    (@rhand)


    4 years, 7 months ago

    file /home/debxxxxxx/domains.site.nl/public_html/wp-content/wflogs/config-synced.php was marked as malicious. This is a Wordfence file itself. When I do check it I do not see anything wrong with the file. Just manual ips and ips added by Wordfence in there mainly as well as some details on the WordPress setup. Seems one of the triggers was <?php exit('Access denied'); __halt_compiler(); ?> followed by comment

    
******************************************************************
This file is used by the Wordfence Web Application Firewall. Read 
more at https://docs.wordfence.com/en/Web_Application_Firewall_FAQ

    and the rest. Perhaps Wordfence should look into this?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi Rhand,

    I’ve also had the same file flagged on a site of mine. Compared it to other WordPress sites I manage and the file appears to be okay. However it would be great to receive some clarity from the Wordfence team.

    Plugin Support wfphil

    (@wfphil)

    Hi @rhand and @chrisstap

    Without knowing the malware signature then this is very likely the same false positive we have seen for malware signature Hacktool:PHP/hackerSignatures.D.8951. If that is the case then you should no longer be getting this scan result as we have fixed this. We apologize for the inconvenience.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘config-synced.php malicious’ is closed to new replies.