Harding Whitelist Blocked PHP Files

  • Resolved jdbeontap

    (@jdbeontap)


    8 years, 5 months ago

    While looking into an issue with our site we discovered that the Hardening Whitelist Blocked PHP Files exception list has an entry to allow:
    *.php wp-content/uploads wp-content/uploads/.*/*.php

    This 1) seems dangerous and 2) will not allow us to remove it when we select it and press the Delete button. We added a test item to the list to see if maybe the plugin had an issue but we were able to delete the test entry just fine. It seems we may have been hacked. Where can we manually update the array to get rid of this entry?

    Thank you!

Viewing 1 replies (of 1 total)

  • The data that appears in the table is taken directly from the access control file located in the directory where the whitelist was inserted. In this case it seems that it was inserted in /wp-content/uploads/.htaccess so you can open that file and remove the unwanted exceptions manually.

Viewing 1 replies (of 1 total)
  • The topic ‘Harding Whitelist Blocked PHP Files’ is closed to new replies.

Tags