WordPress core file modified

  • wouter

    (@themoosewhisperer)


    1 year, 8 months ago

    I received a message that a WordPress core file was modified: index.php. This happened the day after I (1) moved to a new hosting provider and (2) followed the step suggested by the Wordfence plugin to enable the Wordfence Web Application Firewall. Could this have anything to do with one of these events? Otherwise I am not sure how it happened and whether it is bad news or not.

    Thank you!

    Screenshot of changes to the index.php file:
    https://pasteboard.co/St0tIwkyCo46.png

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    1 year, 8 months ago

    Hi @themoosewhisperer, thanks for providing the specific details.

    The main difference between these index files is that __DIR__ has less overhead to basically do the same thing as dirname(__FILE__). This was changed when WordPress changed its minimum requirement to be PHP 5.6.

    I don’t see that this would be changed maliciously, but did the server move roll back WordPress versions, or did you restore a site backup containing the older version of the file? You should be safe to keep the original version if you’re on PHP 5.6 or above, as that reflects the newer __DIR__ code.

    Many thanks,
    Peter.

    Thread Starter wouter

    (@themoosewhisperer)

    1 year, 8 months ago

    Hi Peter,

    Thanks a lot for the reply. I am not aware of any roll back, however it could be possible that the person who migrated used an old version of the WordPress installation. I’m already glad to hear that the likelyhood of it being malicious is very low.

    Thanks a lot.

    Best,
    Wouter

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘WordPress core file modified’ is closed to new replies.