Unknown file in WordPress core

  • Resolved wbweb2019

    (@wbweb2019)


    7 months, 2 weeks ago

    Hi

    My recent scan flagged up the below file as a ‘high issue’. Pleases can someone advise if this file is safe and if so can I delete it or ignore it?

    Filename: /home/sites/9a/b/b66c3f41ea/public_html/wp-admin/css/colors/coffee/php.ini

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @wbweb2019, thanks for reaching out about this.

    Without seeing the contents of the file I would take the recommendation to remove it, although take a backup first to your local machine just in case. Some hosts have been known to add php.ini files to every folder (IONOS’ Click & Build for example) but a one-off – especially in a css folder – is more suspicious.

    If it reinstates itself the next day or in the near future, ask your host if there’s any reason why they might be adding it. If they’re not, it might be worth sending to samples @ wordfence . com as our team may be able to assist with identifying the source if Wordfence isn’t finding a threat during its scans.

    Thanks,
    Peter.

    Hey @wbweb2019,

    In addition to what @wfpeter suggested, click here for additional history concerning your issue.

    Given the number of IONOS customers reporting the same or very similar issue, highly recommend contacting IONOS support for a solution. If they don’t cooperate or their practices are not acceptable to you, consider switching to another hosting company.

    Many hosting companies that offer “cheap, shared-hosting” solutions (e.g., GoDaddy, IONOS) are known for altering WordPress core files to suit their needs.

    If satisfied with the above, please consider closing this topic as “Resolved.”

    Cheers!

    A little bit more context: IONOS needs a php.ini file, for memory limit + opcache, to work proberly in every folder https://www.ionos.com/help/hosting/using-php-for-web-projects/applying-php-settings-to-all-subdirectories/

    Thread Starter wbweb2019

    (@wbweb2019)

    Thank you for the replies.

    The website is not IONOS. Does this still mean I can safely remove it?

    Hey @wbweb2019,

    If that’s the case, then yes. Perform the following:

    1. Make a back-up of your site.
    2. Delete the pesky file(s).
    3. Perform a basic integrity check of your site (i.e., log out of your site, then navigate to your site’s pages in Incognito or Private mode).
    4. Log into your site then re-run Wordfence.

    You should be good to go!

    If satisfied with the assistance you received, please consider closing this topic as “Resolved.”

    Thank you!

    Thread Starter wbweb2019

    (@wbweb2019)

    Thanks. Deleted the file and re-running the scan now. ????

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Unknown file in WordPress core’ is closed to new replies.