Lots of Cerber Folders in wp-content/uploads

Normally, there should be just one folder. It’s created automatically and used by the malware scanner as a quarantine and a temp folder. You might see multiple folders due to DB or disk related issues occurred earlier Aug 2018. You can delete all folders except the newest one.

I found another WordPress site with 3400 of these directories. The date ranges on these stretched back to Jan 18th 2019, and there were a handful with today’s day (4/1/2019). Is there a setting I should check to prevent this? I’m worried about my other WordPress instances.

There is no setting. The plugin creates the folder automatically if it’s unable to get access to it. Do you run the website on a Windows hosting? Do you use a CDN plugin? Jetpack?

Both websites are hosted at WPEngine. Do not use Jetpack. Do not use a CDN plugin.

I just checked another site we host at WPEngine at random, and found 7536 directories!

Clearly there’s something going on with WPE and this plugin/permissions.

• This reply was modified 5 years, 7 months ago by Josiah.

It seems it’s caused by aggressive DB caching. Could you check a DB table for a row?

Yes?

Hi! Have you sorted out the issue?

Not really, I just haven’t had time to inspect more installs. I did notice that on the one site that had 7000+ directories, once I was done inspecting and updating and then actually running a scan, the directory creation stopped. I can’t nail it down to a specific action, but if I had to guess it was running the scan.

I can report back if I find more installs with this issue and maybe isolate the steps to stop the runaway dir creation.

Please check if some of those directories contain the .htaccess file. If no file in there, that means the plugin was unable to write into a directory and so it tried to create another one.

Looks like that’s the case. The site in question had 3 directories left, the newest contained the htaccess file, while the older two did not.

WPEngine has a “reset permissions” feature, I wonder if that would solve it: https://wpengine.com/support/file-permissions/

We’re having the same issue. It only happens on websites hosted on WP Engine. 6000+ wp-cerber-[random hash] folders. Tried changing permissions on most recent folder but nothing seems to work. Is there any way to disable the automatic malware scan? We don’t need this and having 6000+ empty folders in the uploads folder is no good.

Thanks!

FYI I would try running the malware scan at least once. I found that it will sometimes stop the runaway directory creation.

@colewebdev / @harlointeractive – I work for WPE. If you all would like us to help troubleshoot this, please feel free to log into your WP Engine portal and open up a support chat.

@gioni – If there appears to be a platform compatibility issue with WP Engine and your plugin, please email wptech -a-t- wpengine -d-o-t- com and we can see what we can do to help ??

Nice, looks like that did fix the issue Josiah. Thank you!

Just found another install on WPEngine with 14,858 directories dated back to 11/9/2018. About 30 are created each day. It would be good to have this issue resolved with the plugin itself, as opposed to “fixing” each install by running the integrity/malware scan.