Is this file possibly dodgy in the uploads directory of your directory

  • Resolved kristinubute

    (@kristinubute)


    1 year, 4 months ago

    Hi

    I’m tidying up a client site that had some malware a few days ago. Backup and working so far.

    I’m in the uploads directory and there is a htaccess file in your directory under wpforms in the uploads directory.

    When I read the contents says this (I assume this is legit?) and the htaccess file is supposed to be there?

    Usually there are not many htaccess files seen in WordPress apart from the Home page with 1 …

    Can you please confirm whether this file is dodgy or a potential risk security or legit?

    BEGIN WPForms The directives (lines) between “BEGIN WPForms” and “END WPForms” are dynamically generated, and should only be modified via WordPress filters. Any changes to the directives between these markers will be overwritten. Disable PHP and Python scripts parsing.

    SetHandler none SetHandler default-handler RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo RemoveType .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo
    php_flag engine off
    php_flag engine off
    php_flag engine off
    Header set X-Robots-Tag “noindex” END WPForms

    Thanks in advance.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support Ralden Souza

    (@rsouzaam)

    Hi @kristinubute,

    Thanks for reaching out!

    Yes, that is a legit file, and here’s a screenshot from the same file on my dev site.

    I hope this helps!

    Thread Starter kristinubute

    (@kristinubute)

    Great thanks, good to know its not dodgy.

    But sometimes there can be a htaccess file in there but has been modified, that’s why I was asking.

    My client site had malware on it, and I noticed there were htaaccess files everywhere, so we had to clean it up.

    Now I don’t trust htaccess files that shouldn’t be there and can’t tell which ones should be. I don’t want to click and read each one.

    Thanks

    Kristin

    Plugin Support Ralden Souza

    (@rsouzaam)

    Hi @kristinubute,

    Thanks for all the details!

    Actually, you can delete the .htaccess file in the uploads folder because it will be recovered when a file is uploaded again.

    Please note that our File Upload field is available with the paid version of WPForms. If you have an active license subscription with us and want more details about it, could you please submit a support ticket through the WPForms account dashboard when you have a chance??

    From there, our support team will be able to take a closer look at any request about WPForms. 

    Thanks!

    Plugin Support Ralden Souza

    (@rsouzaam)

    Hi @kristinubute,

    We haven’t heard back from you in a few days, so I’m going to go ahead and close this thread for now. But if you’d like us to assist further, please feel welcome to continue the conversation.

    Thanks!

    Thread Starter kristinubute

    (@kristinubute)

    HI

    OK so I will delete the htacess file in the uploads directory, as you said it will be recreated if I delete it anyway.

    Thanks

    Plugin Support Ralden Souza

    (@rsouzaam)

    Hi @kristinubute,

    You’re welcome, happy to help!

    And if you need assistance with your paid version of WPForms, please submit a support ticket through the WPForms account dashboard.

    Thanks!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Is this file possibly dodgy in the uploads directory of your directory’ is closed to new replies.

Tags