WP file in the ROOT directory

  • Hi,

    Today I have found file on my WordPress root directory – the file name is “WP” (without no extension), here is code of this file:

    #!/bin/bash

if [ -x /usr/bin/wget ]; then
if [ -d /opt ]; then
wget -O /opt/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x /opt/wp
echo 'use this for path';
echo 'export PATH=/opt/cpanel/ea-php71/root/usr/bin:$PATH'
echo
echo '/opt/wp core verify-checksums'
echo
echo 'export PATH=/opt/cpanel/ea-php71/root/usr/bin:$PATH; /opt/wp core verify-checksums; /opt/wp core update; /opt/wp plugin update --all; /opt/wp theme update --all; /opt/wp plugin verify-checksums --all';
else
echo '/opt does not exist';
fi
else
echo '/usr/bin/wget does not exist';
fi

    Does anyone know what is this file for? and how it was created automatically today?

    Thanks ??

Viewing 4 replies - 1 through 4 (of 4 total)

  • There is a command line interface for WordPress. See https://wp-cli.org/ and the GitHub repository to see if the code matches.
    Are you sure it got there automatically? Did you have a developer working on your site?

    Thread Starter WP Royal

    (@wproyal)

    Hi,

    I have compared files and yes they are the same, I have no developer working on my site, I have good server protection – Installed wordfence pro version, DDos protection, ACF Firewall and many other things – I am really wondering how this file was created.

    Probably somone tries to hack me and destroy my business. Do you have any other suggestions about how this file was created? any recommendations on how to protect my server?

    Thanks

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Probably somone tries to hack me and destroy my business.

    Then they are the nicest hackers in creation. Thoughtful even.

    *Drinks coffee*

    Most likely that file was created by your host to facilitate the inclusion of that wp-cli conmand. It’s likely just a harmless mistake but contact your host. They may have done that to provide you and others the ability to manager your WordPress installation via the CLI.

    Thread Starter WP Royal

    (@wproyal)

    OK.

    Thank you very much for the answer. I will check this with the host.

    Kind Regards,
    Nick

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘WP file in the ROOT directory’ is closed to new replies.