Backdoor File | ww.wp.xz.cn

Resolved haireware
(@haireware)

11 years, 10 months ago

Hi, thanks for this plugin. It works awesome. On July 18, one of my scanners found this: Warning: File possibly compromised: ./wp-content/plugins/all-in-one-wp-security-and-firewall/admin/wp-security-filesystem-menu.php (php.backdoor.webshell_gen.045). Manual review recommended.

Is that an ok thing?

https://ww.wp.xz.cn/plugins/all-in-one-wp-security-and-firewall/

Viewing 5 replies - 1 through 5 (of 5 total)

Plugin Contributor mbrsolution
(@mbrsolution)

11 years, 10 months ago

Hi haireware can you share with us which scanner did you use that detected that file as being compromised?

Thank you

Thread Starter haireware
(@haireware)

11 years, 10 months ago

Sucuri

mra13 / Team Tips and Tricks HQ
(@mra13)

11 years, 10 months ago

We don’t have the following string anywhere in the code:

php.backdoor.webshell_gen.045

Delete the plugin and re-install it. Then do a scan.

Thread Starter haireware
(@haireware)

11 years, 10 months ago

Ok. I will do that. The weird thing is it found it on the weekly auto scan on july 18 then on the next weekly scan it said the site was clean and nothing was changed. It could have been a fluke.

Plugin Contributor wpsolutions
(@wpsolutions)

11 years, 10 months ago

@haireware,
I’m almost certain this is a false positive – as per the reply made by Daniel Cid from sucuri in the following thread with the same scanner message:

http://ww.wp.xz.cn/support/topic/got-warning-on-sucuri-regarding-possible-plugin-fileinfiltration?replies=11

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Backdoor File’ is closed to new replies.

5 replies
4 participants
Last reply from: wpsolutions
Last activity: 11 years, 10 months ago
Status: resolved