Alert: File Guard detection, php script

  • Resolved Anna

    (@anna88sabu)


    4 years, 11 months ago

    Is this message dangerous from Ninja File Guard:

    ” Someone accessed a script that was modified or created less than 10 hour(s) ago:
    ……SCRIPT_FILENAME:….
    /app/wp-itapi.php
    REQUEST_URI: /wp-itapi.php

    or
    SCRIPT_FILENAME:……./app/deleteme.chapto75.php
    REQUEST_URI: /deleteme.chapto75.php?n=2&m=5

    app/deleteme.chayfpdz.php
    REQUEST_URI: /deleteme.chayfpdz.php?n=2&m=5

    /app/deleteme.chaqfro6.php
    REQUEST_URI: /deleteme.chaqfro6.php?n=2&m=5″

    The wordpress site has been around for a while, but the Ninja Firewall plugin has been newly installed for about 2 weeks.
    I do not understand the messages from Ninja. Is there a virus or is this php script news ok?

    Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author nintechnet

    (@nintechnet)

    4 years, 11 months ago

    What it means is that those files were just created and someone accessed them (e.g. http://your-site/app/deleteme.chapto75.php?n=2&m=5).
    As you enabled File Guard, it caught that in real time and alerted you.
    It seems to me that your hosting plan may have an installer such as Installatron or Fantastica that created those temporary files. I don’t thinks it is malicious. Can you ask your host about that?

    Thread Starter Anna

    (@anna88sabu)

    4 years, 11 months ago

    Yes, I can ask my host. Thank you for the answer!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Alert: File Guard detection, php script’ is closed to new replies.