During Scan the Admin Pages Redirect to INSTALL.php is this DANGEROUS?

  • Resolved SeanBanksBliss

    (@seanbanksbliss)


    4 years, 5 months ago

    So I noticed that when the scan is running if you try to click to any other page such as /wp-admin the system redirects to install.php

    I looked and there is NO install.php file in my WordPress directory, so it must be getting created dynamically? …or hidden in the depths somewhere out of sight?

    Maybe WordPress, sensing things are locked for the scan, assumes installation should occur and thus it offers the prompts because it cant access all it’s own files (I’m guessing).

    This seems dangerous. The default screen it shows has the WordPress logo and a language selection box (Step 1 of installation).

    What would happen if I clicked through that installation prompt?

    It goes away and returns to normal when the scanning is finished, but if the user followed the prompt and re-installs; would that conceivably be a problem for any of the thousands of WordPress users who could encounter this?

    Should an alternative redirect page be forced by WordFence prior to scan — to prevent some sort of catastrophic re-installation changes?

    Maybe clicking through a reinstall during the scan is harmless? I don’t know enough to know.

    As a naive user, it scares me that I’m being presented with the option.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support WFAdam

    (@wfadam)

    Hello @seanbanksbliss and thanks for reaching out to us!

    Can you try doing a scan from a different browser? This sounds like it could be a possible cache issue since its redirecting to the install. Also, do you use any cache plugins? Try to clear those out as well.

    Let me know what you find!

    Thanks!

    Thread Starter SeanBanksBliss

    (@seanbanksbliss)

    It must have been something like that. It’s working fine today. I haven’t checked in a different browser, but I did manually update the core and all plugins since the first scan. Not sure if that had anything to do with it; either way, it’s working now and I can’t reproduce the issue.

    Problem solved ??

    Thread Starter SeanBanksBliss

    (@seanbanksbliss)

    I spoke too soon.

    While doing an external directory scan; I clicked the “View full log” button, and it directed me to wp-admin/install.php

    So it didn’t do it on the normal scan earlier, but it did do it on an external files scan.

    I’ve just refreshed the page because it seemed to be not loading new lines to the log, and the scan page is also redirecting to install.php.

    So now, I can’t even see the scan page (perhaps because the scan is still happening?).

    …though I can see the /wp-admin/admin.php?page=WordfenceScan&subpage=scan_options

    I can not see wp-admin/edit.php?post_type=page, so the whole admin of WP is redirecting to install.

    Why can I see the “scan options” page, but not “all pages” page or “scan” page?

    Thread Starter SeanBanksBliss

    (@seanbanksbliss)

    I went to check in a different browser and the site was working fine, but I don’t know that it was the cache because when I went back to my primary browser that too was working fine and the install-redirect problem had vanished in that browser as well.

    I’m assuming it only happens during active scanning, and seemingly only when the scan seems frozen.

    The results of the scan are displaying as “failed”.

    I already have another thread for that where I’ll post the last 20 lines of the scan as you requested there.

    Plugin Support WFAdam

    (@wfadam)

    I will help you troubleshoot from that thread. I will resolve this one out, so we can keep everything together.

    Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘During Scan the Admin Pages Redirect to INSTALL.php is this DANGEROUS?’ is closed to new replies.