<?php\x0d\x0a@eval(@openssl_decrypt / suspicious code detected by wordfence

  • Resolved Carlos Pinedo

    (@carlos-pinedo)


    1 year ago

    Hi, I have Redis Object Cache pro preinstalled in my website by Cloudways. Today, Worfecence detected a potentially dangerous code in one of the object cache files.

    The suspicious code is: <?php\x0d\x0a@eval(@openssl_decrypt

    The file name and path are: /home/.code/redis-cache-pro/dir/fWIFijXb.php

    ?Is truly a dangerous code?

    I deeply appreciate any help you can provide.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Julie

    (@julieadrienne)

    Hey Carlos, no that file is not part of Object Cache Pro. Please reach out to the Cloudways team to see if it is only present on your machine, or on all.

    Thread Starter Carlos Pinedo

    (@carlos-pinedo)

    Thanks a lot Julie I’ll reach Cloudways, but the solution will be to change hosting.

    cwanasmoiz

    (@cwanasmoiz)

    Hey Carlos,

    From Cloudways here, Have you reach out to support yet? we are unable to find your escalation within our support chat and tickets.

    Could you please open a support ticket and share the ticket number here so that our team can immediately look into it?



    Thread Starter Carlos Pinedo

    (@carlos-pinedo)

    Hi cwanasmoiz,

    We’re running into another hiccup because our hosting plan came from a reseller. The account we use on Cloudways seems to be missing the ticket and chat features.

    Not sure if there’s an email where I can shoot over our website domain so you guys can take a look at what’s going on.



    cwanasmoiz

    (@cwanasmoiz)

    Hey Carlos

    Can you drop an email at platformops(at)cloudways.com.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘<?php\x0d\x0a@eval(@openssl_decrypt / suspicious code detected by wordfence’ is closed to new replies.