• Resolved awright

    (@adamwrethinkfirst)


    Hello, does Wordfence scan and prevent malicious files from being uploaded? We received this issue from our IT security department.

    Description:
    A sufficiently privileged user can upload malicious documents to the target application.

    Detailed Information:
    A crafted and known malicious (yet controlled and benign) document was uploaded to the target application and was seemingly not blocked by antivirus software. The risk associated with this is that the application (and by association, the Azure storage service) can be used to house malicious and unfiltered content which may be against policy or introduce risk to the business. The web application could unwittingly be used to indirectly store malicious software that could be used to attack users of the application and spread malware.

    Suggested Remediation:
    Filter all uploaded files through anti-virus software to ensure user-provided documents are not malicious.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @adamwrethinkfirst, thanks for your query.

    In Wordfence there are usually 3 possible firewall rules involved when a file is uploaded: “Malicious File Upload”, “Malicious File Upload (PHP)”, or “Malicious File Upload (Patterns)”. These rules can be found in Wordfence > All Options > Firewall Options > Advanced Firewall Options > Rules, after expanding the list. There are layers to how uploaded files are checked, and they will look for malicious code.

    It’s also possible through plugins to further restrict (or expand) filetypes that are allowed to be uploaded before any Wordfence checking is involved.

    Thanks,
    Peter.
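
The two layers discussed in this thread (restricting allowed file types, and filtering uploads through antivirus software), sketched as a small must-use plugin. This is an added example, not part of the original posts and not Wordfence code. It assumes ClamAV's `clamdscan` is installed at the path shown with `clamd` running, and that PHP's `exec()` is enabled; the plugin name, constant name, and allow-list are constructed for illustration.

```php
<?php
/**
 * Plugin Name: Upload AV gate (added example, hypothetical name)
 */

// Assumption: clamdscan lives at this path and the clamd daemon is running.
const UPLOAD_AV_SCANNER = '/usr/bin/clamdscan';

// Layer 1: narrow the file types WordPress accepts (constructed allow-list).
add_filter( 'upload_mimes', function ( $mimes ) {
    return array(
        'jpg|jpeg|jpe' => 'image/jpeg',
        'png'          => 'image/png',
        'pdf'          => 'application/pdf',
    );
} );

// Layer 2: scan the temporary file before WordPress moves it into uploads.
add_filter( 'wp_handle_upload_prefilter', function ( $file ) {
    if ( ! empty( $file['error'] ) || empty( $file['tmp_name'] ) ) {
        return $file; // The upload already failed; there is nothing to scan.
    }

    // --fdpass hands clamd an open descriptor, so the daemon does not need
    // read permission on PHP's temporary upload directory.
    $cmd = escapeshellarg( UPLOAD_AV_SCANNER ) . ' --no-summary --fdpass '
         . escapeshellarg( $file['tmp_name'] );
    exec( $cmd, $output, $status );

    // clamdscan exit codes: 0 = clean, 1 = virus found, 2 = scanner error.
    if ( 1 === $status ) {
        error_log( 'Upload blocked by AV: ' . sanitize_file_name( $file['name'] ) );
        $file['error'] = 'Upload rejected: the file was flagged by the virus scanner.';
    } elseif ( 0 !== $status ) {
        // Fail closed: an unavailable scanner must not let files through.
        error_log( 'AV scan failed with exit status ' . $status );
        $file['error'] = 'Upload rejected: the file could not be scanned.';
    }

    return $file; // A non-empty string in 'error' makes WordPress refuse the file.
} );
```

The hook only covers uploads that go through WordPress's own upload handler; files written to storage by other routes need a separate scan.
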

    Thread Starter awright

    (@adamwrethinkfirst)

    Thank you very much Peter for your response.

  • The topic ‘Prevent Malicious files from being uploaded’ is closed to new replies.