Wordfence flags GravityScan Accelerator file as malware

  • Resolved rmgarber

    (@rmgarber)


    7 years, 8 months ago

    This is more of a heads up post than support request, hope that’s ok.
    After installing the Graivtyscan accelerator file, wordfence flags it as harmful.
    I have since disabled the “Scan files outside your WordPress installation” option. Hopefully that will resolve it, but since you’re all on the same team, thought you might want to not flag your own files ??

Viewing 3 replies - 1 through 3 (of 3 total)

  • I just started using Gravity scan last night and had the same result from a Wordfence scan. One other thing is the Gravity scan results show 40 Critical Vulnerabilities all related to old WordPress versions. Some of them dating back to version 3.4. When you expand the results Gravity suggests updating to the next version which is also out of date. I have the latest version 4.8 installed. My question would be, are there files from previous versions still on my site leaving my site vulnerable even though I have the latest version installed.

    Hi,
    Do you have “Enable HIGH SENSITIVITY scanning” option turned on? if this was the case, then you can click on “Always ignore this file” as it’s known for the high sensitivity scanning to report some false positive results, it’s just because we are using eval and base64_decode fucntions in this file, after you finish your website cleaning process it’s recommended to disable the high sensitivity scanning.

    Thanks.

    Thread Starter rmgarber

    (@rmgarber)

    Thanks, forgot about the high sensitivity option.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Wordfence flags GravityScan Accelerator file as malware’ is closed to new replies.