Unknown Core Files Warning

  • Resolved dangle2k

    (@dangle2k)


    5 years, 11 months ago

    This morning a scan report showed the following High Severity problems:

    * Unknown file in WordPress core: wp-admin/includes/upgrade.php.orig
    * Unknown file in WordPress core: wp-admin/plugin-uploader.php
    * Unknown file in WordPress core: wp-admin/theme-uploader.php
    * Unknown file in WordPress core: wp-admin/uploader/pclzip.lib.php
    * Unknown file in WordPress core: wp-admin/uploader/upload.php
    * Unknown file in WordPress core: wp-includes/functions.php.orig

    I checked these files against an older backup of the site, about 3 weeks old, and these files were present in the backup, except for the .orig files of course. I checked these files against the backup files and they’re identical so I believe these are WP core files. Why would WF show these as unknown files? Since most of these seem to do with updating/upgrading I did update a few plugins yesterday but still, why would I get this warning? I have not done anything so far but should I just ignore these warnings? Thank you.

Viewing 1 replies (of 1 total)

  • Hey @dangle2k,

    This doesn’t appear to be a normal WordPress installation. But it’s very possible a hosting configured the installation. Here’s some information from a colleague on this.

    #1 Are these files included in WordPress core?
    Short answer, no, they are not.
    You can download a recent WordPress version from here and you will find these files do not exist, or check the official WordPress repository on Github.

    #2 Why are these files on my server then!?
    There are many possibilities here:
    – These files may be traces of old WordPress versions that were not removed after an update.
    – They could be incorrectly included in a web panel’s one-click installer (cPanel, Plesk etc…)
    – Finally, your website may have been compromised and the hacker injected these files into wp-admin and wp-includes folders.

    #3 What should I do now?
    – Ask your hosting provider if you can replace your current WordPress directories / files (except the wp-content folder) with a recent version directly downloaded from www.remarpro.com.
    – You can simply ignore these warnings if your hosting recognizes these files.
    – Also keep watching for such files that should be excluded from our searches in future updates to avoid such warnings. Please let us know if you think there is a false-positive result in this list (always compare to the same version of WordPress installed on your website with a pure copy downloaded from www.remarpro.com).

    https://www.wordfence.com/help/scan/#working-with-scan-results

    Thanks,

    Gerald

Viewing 1 replies (of 1 total)
  • The topic ‘Unknown Core Files Warning’ is closed to new replies.