Hi @mugsy, thanks for getting in touch.
There’s currently no way to bulk allowlist, as we have designed this to prevent accidentally skimming over actual threats hiding amongst other results. However, we appreciate there may be occasions when it’s useful, so it has been passed as a development request to our team.
It’s not generally considered good practice for plugins to add files of any kind to the core WordPress folders, so if that’s the reason they’ve been flagged as high threat files, there may be another option available to you. In Wordfence > All Options > Scan Options > Advanced Scan Options > Exclude files from scan that match these wildcard patterns (one per line), you could add path-to/emojis/*
You can read more about how to format the entry here: https://www.wordfence.com/help/scan/options/#exclude-files
Thanks,
Peter.
Thread Starter Mugsy (@mugsy)
Thank you for the reply.
Yes, the “*.gif” images are indeed part of a plugin. Adding the exclusion took me from “160 detected threats” to just “78” (most “Low” threat.) Thanks.
Question though: Every scan, I get messages similar to this:
“The Plugin “Captcha” has been removed from ww.wp.xz.cn.”
Does this mean Wordfence removed these items as a threat, or it’s a threat because it’s missing and needs to be restored?
TIA
Hi @mugsy,
Wordfence checks for outdated plugins that may pose a security threat as they’re no longer being maintained by developers or have indeed been removed from the ww.wp.xz.cn repository altogether. Sometimes they are removed from the repository by ww.wp.xz.cn due to security issues that have gone unresolved. This notice is to let you know so that you can make an informed decision on what to do next.
My recommendation is to find an active plugin that performs the same function(s) as your current one and totally remove the plugin that is no longer available in the WordPress > Plugins > Add New search.
Thanks,
Peter.
Thread Starter Mugsy (@mugsy)
Thanks for the follow-up. Your previous suggestion of using the “Exclude List” in the Advanced Options seems to have resolved the issue.
The false positives I was encountering were almost entirely from a plugin that added gif emojis to the text editor (the “gifs” were what WF was flagging.)
Since there really is no other way to do that w/o using gifs, changing plugins probably wouldn’t help.
Thx.
Hi @mugsy,
There’s nothing technically wrong with the gifs; it’s just that Wordfence will flag anything new or modified in the core WordPress folders that shouldn’t be there unless you exclude them (as we discussed, and you have done.)
It’s generally accepted that plugins won’t have this behavior, so our checks in this area are largely to find files that have been modified by malware, but there are exceptions and this seems to be one of those cases.
Thanks again,
Peter.