Malware scan skipped

I am facing the same problem since the recent update of Wordfence. The malware scan skips the ‘/media’ path of my WordPress Installation and displays a notification. This is the first time in two years I get this notification. The ‘/media’ path has always existed on my website.

Marco

Thanks for reaching out.

There is a UI bug that was in the last release that involves the new scan that checks for paths that are not scanned by default. Even if a user has no issues listed at the end of the scan, the Malware Scan icon can show a yellow triangle at the end of the scan. We have fixed this issue in version 7.4,.4 which is now available. Please update to that version as soon as you are able.

The file paths that were skipped were because the scan option “Scan files outside your WordPress installation” used to not be enabled by default. A regular Wordfence scan looks at the following: wp-admin, wp-content, wp-includes, all subdirectories of those directories – all files in your base WordPress directory. But when you enable this option, it scans all subdirectories of your WordPress installation, even if they aren’t part of WordPress. So if you have a directory that is a phpmyadmin installation or a Drupal installation, we will dive down into those directories looking for malicious code and infections, too. We decided to enable this by default to make sure we were getting the best scan results for you. You can enable it in the Scan Options section of the Scan > Scan Options and Scheduling page.

Tim

@wfsupport
Are you sure, you fixed this issue in version 7.4..4.?
I just updated and have the same issue exactly with version 7.4.4.
The paths skipped are ~/.quarantine and ~/.tmb

Any solution?

• This reply was modified 6 years, 4 months ago by WP Gang.

Me, too, on multiple sites with version 7.4.5