False post updates by scanner
-
I use both Wordfence and Sucuri on my sites and they work very well together.
Sucuri alerts me when changes are made on my sites. This morning I woke up to about 20-25 “post update” notifications from Sucuri on one of my sites. They appeared to indicate that a bunch of new pages had been published. When I logged in, I found no new pages and nothing had been changed (that I can see, anyway).
The reason I am posting here is that the IP address from which these changes supposedly originate resolves to scan1.wordfence.com. I found this out by running a tracert after Wordfence would not allow me to blacklist the IP.
I’ve been using this security setup for a while and have never seen anything like this.
Why would a Wordfence scan appear to publish a bunch of non-existent pages? If the answer is to scare the crap out of me, it succeeded lol.
- The topic ‘False post updates by scanner’ is closed to new replies.