Unknown file in WordPress core: wp-admin/includes/upgrade.php.bak

  • Resolved bellejoj

    (@bellejoj)


    3 years, 9 months ago

    I recently received an alert from Wordfence stating High Severity Problems:

    * Unknown file in WordPress core: wp-admin/includes/upgrade.php.bak

    My host tells me someone must have put the file there, but that they can’t find any malware or malicious activity.

    I’m at a loss as to how to proceed now? Do I delete the file? Mark as fixed? Nothing?

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @bellejoj, thanks for reaching out to us.

    Rather than feel Wordfence is flagging a false positive here, the name of the file upgrade.php.bak suggests that this was erroneously left behind from a plugin/theme/WordPress version update. Some update processes may back up an older file in case the installation is interrupted so that it can revert back. It’s probably safe to allow the Wordfence to delete the file though, just to be on the safe side.

    To give you more background, Wordfence uses the www.remarpro.com repository to track all latest-version plugin files, along with the current WordPress installation itself. When it finds a file that isn’t part of that repository (and if you did not create that file yourself), it is likely to be correct that it shouldn’t be there.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Unknown file in WordPress core: wp-admin/includes/upgrade.php.bak’ is closed to new replies.