WebsiteDefender

Community Forums Forums General Discussion WebsiteDefender

This topic is: resolved

Tagged: 

This topic contains 7 replies, has 4 voices, and was last updated by  jchaps82 1 year, 4 months ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #35222

    jchaps82
    Participant
    Post count: 32

    Hello!

    Yesterday my WebsiteDefender came up with a sever alert regarding my Prose child theme.

    Here is what it said:

    Executable file found in WordPress uploads directory

    Description:

    Executable PHP files were found in the WordPress uploads directory. By default WordPress doesn’t allow uploading of PHP files in the uploads directory. Hackers would normally upload malicious executable files to this directory because it’s the only directory in a secure WordPress installation that has write permissions. The presence of this file in the uploads directory may indicate that your system was compromised.
    File Name: /home/drjessec/public_html/wp-content/uploads/prose/custom.php
    What does this mean? Is this something I can safely ignore?
    Thanks!

    #35224

    Anita
    Participant
    Post count: 7574

    Hi, what is the URL to your website?


    When asking for help, please provide a link or screen shot showing your problem!
    Let me help you customize your theme, responsive header, Buddypress, Agentpress or technical issue!
    Visit me here: Cre8tiveDiva.com | Tweet Me!

    #35225

    jchaps82
    Participant
    Post count: 32
    #35228

    Anita
    Participant
    Post count: 7574

    Let me see if I can get someone to answer this. Be back shortly.


    When asking for help, please provide a link or screen shot showing your problem!
    Let me help you customize your theme, responsive header, Buddypress, Agentpress or technical issue!
    Visit me here: Cre8tiveDiva.com | Tweet Me!

    #35229

    jchaps82
    Participant
    Post count: 32

    Thank you Anitac!

    #35238

    Roberto Gomez
    Participant
    Post count: 18

    I bought this plugin and now I live quiet.

    http://affiliates.ait-pro.com/po/

    #35262

    Bill Murray
    Participant
    Post count: 575

    @jchaps82 – There’s nothing to worry about, in all likelihood.

    Prose puts a custom.php in the uploads directory, where you can create custom code that would survive a theme upgrade. It puts it in the uploads directory so that if you wipe out your child theme directory on upgrade, you don’t lose this custom code.

    You can examine the contents of the file, but it likely contains the default contents that came with the theme, and that is simply a comment that does nothing.

    There’s no sense in deleting it, because Prose will just re-create it if it doesn’t exist. You’d have to modify the child theme to change that behavior.

    When you run generic tools, you have to take the warnings with a grain of salt.

    Hope that helps.


    Web: https://wpperform.com or Twitter: @wpperform

    We do managed WordPress hosting.

    #35285

    jchaps82
    Participant
    Post count: 32

    Thank you Roberto and Bill!

Viewing 8 posts - 1 through 8 (of 8 total)

The topic ‘WebsiteDefender’ is closed to new replies.