File changes between plugin updates

  • Resolved magicpowers

    (@magicpowers)


    4 years, 2 months ago

    hi

    For the past few months my Wordfence security plugin has been warning me about the file updates in your plugin between the main updates.

    As per WordPress’ advice – this should not be happening if pushed by developers, and otherwise such changes indicate hacking.

    Details: This file belongs to plugin “Under Construction” version “3.85” and has been modified from the file that is distributed by www.remarpro.com for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don’t manage their code correctly.

    Are you pushing those file changes or is it a hacked in file?

    The most recent file change includes a text about my site not being accessible to all visitors while the plugin is activated (???) which doesn’t make any sense to me, as the whole purpose of the Under Construction plugin is to make my site NOT ACCESSIBLE to anyone temporarily.

    Could you please:

    1. Explain what do you mean by those comments (line 1469 and 1815 on the .php file)
    2. How do you expect your plugin users to see any such comments/information/advice hidden in the php file? I haven’t received any proper notification from you about any issues on my site and I don’t review my plugins php files unless there is an issue.

    thanks

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WebFactory

    (@webfactory)

    Hi,
    We made those changes. And we’ll push them to the main branch in a day or two. They are minor changes in the texts in the plugin, not the code and we didn’t want to burden people with doing multiple updates within a few days.

    Thread Starter magicpowers

    (@magicpowers)

    Hi

    thanks for your reply.

    I would suggest that more frequent official plugin updates are a lesser “burden” for the users than pushing small file changes which alert security plugins (like Wordfence) because such file changes are often an indication of HACKING.

    I have actually engaged a Wordfence Support Engineer to investigate your plugin on my site as there have been “small file changes” over the past several weeks.

    So please, don’t do that!

    Secondly – could you please address my second question about the content of that recent change – which makes no sense to me.

    thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘File changes between plugin updates’ is closed to new replies.