Scan’s false possitive?
-
We have an index.php file in a wp-includes folder of our installation, with a line on it “Silence is gold” for no attempt to happend and open by an attacker.
Occasionally when wordfence scan scanning, comes back with medium or high risk issues found regarding that file.
When it comes with th medium says that this file has been changed, something that after we investigate if changed, isnt true.
When it comes with the high risk it says Unknown file in WordPress core: wp-includes/index.php Details: This file is in a WordPress core location but is not distributed with this version of WordPress. This scan often includes files left over from a previous WordPress version, but it may also find files added by another plugin, files added by your host, or malicious files added by an attacker. Learn More..
In both cases we proceed with mark as fixed, but wordfence occasionally again, find the same file again as a threat.
Is that a fault positive or not?
How can we manage to avoid that to happend?
Thanx in advance
- The topic ‘Scan’s false possitive?’ is closed to new replies.