Tagged: Prose theme
April 13, 2013 at 10:46 am #35222
Yesterday my WebsiteDefender came up with a sever alert regarding my Prose child theme.
Here is what it said:
Executable file found in WordPress uploads directory
Executable PHP files were found in the WordPress uploads directory. By default WordPress doesn’t allow uploading of PHP files in the uploads directory. Hackers would normally upload malicious executable files to this directory because it’s the only directory in a secure WordPress installation that has write permissions. The presence of this file in the uploads directory may indicate that your system was compromised.
File Name: /home/drjessec/public_html/wp-content/uploads/prose/custom.php
What does this mean? Is this something I can safely ignore?
Thanks!April 13, 2013 at 10:53 am #35224
anitacParticipantPost count: 6489April 13, 2013 at 10:55 am #35225April 13, 2013 at 11:21 am #35228
anitacParticipantPost count: 6489
Let me see if I can get someone to answer this. Be back shortly.
April 13, 2013 at 11:38 am #35229
Thank you Anitac!April 13, 2013 at 12:58 pm #35238
Roberto GomezParticipantPost count: 18
I bought this plugin and now I live quiet.April 13, 2013 at 3:10 pm #35262
Bill MurrayParticipantPost count: 572
@jchaps82 – There’s nothing to worry about, in all likelihood.
Prose puts a custom.php in the uploads directory, where you can create custom code that would survive a theme upgrade. It puts it in the uploads directory so that if you wipe out your child theme directory on upgrade, you don’t lose this custom code.
You can examine the contents of the file, but it likely contains the default contents that came with the theme, and that is simply a comment that does nothing.
There’s no sense in deleting it, because Prose will just re-create it if it doesn’t exist. You’d have to modify the child theme to change that behavior.
When you run generic tools, you have to take the warnings with a grain of salt.
Hope that helps.
April 13, 2013 at 5:38 pm #35285
Thank you Roberto and Bill!
The topic ‘WebsiteDefender’ is closed to new replies.