• Resolved mwarbinek

    (@mwarbinek)


    So far WordFence notifies us by email for many things, but one thing it does not send an alert email for is when WordFence scan catches a crucial system file that is open to public viewing.

    This just happened to me (today). I had no email notifying me and Yes, email notifications are turned on. It was a “.ini” file that WordFence used or created. I deleted the file.

    I would have never known about it since all has been fine, according to lack of notifications and that delay gives hackers time to access that file.

    I checked the settings in the plugin and there is no setting to notify us when crucial system files hackers can use are open for public viewing.

    Thus, I suggest that this feature be included in the next update. For any crucial files that are found to be open to public viewing when they should be hidden, the plugin should notify us ASAP.

    Thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • Was it a .user.ini file? If you deleted that you probably just disabled extended protection for the firewall. If that was the case, set it up again and this time use the ‘hide file’ button to add the proper htaccess rule to disable viewing the file in a web browser when the scan shows it again.

    An alert should be sent for this when you have the “Alert on warnings” enabled (Dashboard > Global Options page in the Email Alerts section). Was that enabled on yours?

    tim

    Thread Starter mwarbinek

    (@mwarbinek)

    Yes, it was. I was not sure if I should give the full name of it here in the forum, but since you did, Yes.

    Yes, I had to reset the Firewall.

    Alerts – I had All of them checked/activated, yet I got no warning sent.

    Is there a way to test this again, like do something (safe) to the “ini” file and wait to see if I get a warning email? Example, enter a comment into the file?

    There is code in the .htaccess file that blocks access to that file when you choose to hide it. If the firewall is optimized again that same file has been recreated. To detect it again, you’d need to remove the code block from the .htaccess file. The code will start with this:

    # Wordfence WAF
    <Files 

    and end with

    </Files>
    
    # END Wordfence WAF

    Tim
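
A way to check from the .htaccess text itself whether the hide rule described in the reply above is in place, added here as an example; it is not Wordfence code and not part of any post in this thread. It assumes the block's `<Files>` target is `.user.ini` and that the block uses Apache deny directives; the sample .htaccess content is constructed, and `waf_block` and `is_hidden` are hypothetical helper names.

```python
import re

BEGIN, END = "# Wordfence WAF", "# END Wordfence WAF"  # marker lines quoted in the reply

# Constructed sample: the <Files> target and the deny directives are assumptions.
SAMPLE_HIDDEN = """\
# BEGIN WordPress
RewriteEngine On
# END WordPress

# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
</Files>

# END Wordfence WAF
"""
# Same file after the marker block has been removed (constructed).
SAMPLE_REMOVED = SAMPLE_HIDDEN.split(BEGIN)[0]

DENY = re.compile(r"^\s*(Require\s+all\s+denied|Deny\s+from\s+all)\s*$", re.I | re.M)
FILES = re.compile(r'<Files\s+"?([^">]+)"?\s*>(.*?)</Files>', re.I | re.S)

def waf_block(htaccess):
    """Return the text between the two marker lines, or None if either is missing."""
    lines = htaccess.splitlines()
    stripped = [line.strip() for line in lines]
    if BEGIN not in stripped or END not in stripped:
        return None
    start, end = stripped.index(BEGIN), stripped.index(END)
    return "\n".join(lines[start + 1:end]) if start < end else None

def is_hidden(htaccess, filename=".user.ini"):
    """True only if the marker block has a <Files> section for filename that denies access."""
    block = waf_block(htaccess)
    if block is None:
        return False  # no block: the scan would report the file as viewable again
    return any(name.strip() == filename and DENY.search(body)
               for name, body in FILES.findall(block))
```

A commented-out deny line does not count as hidden, because `DENY` only matches a directive that starts its line.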

    Thread Starter mwarbinek

    (@mwarbinek)

    Thanks

  • The topic ‘Please Include This Important Feature’ is closed to new replies.