hargitt
Forum Replies Created
-
Hi @wfphil ,
I appreciate the team looked into this and found the code was not malicious which corresponds to the vendor assessment already provided. The original request here is to exclude this false positive instead of having to select the ignore option 100s of times each time the scan runs. This alert comes up for every cached pages so we have hundreds so it buries other potential real threads in the noise of the occurrences of this false positive.
I have sent the file to you via email. Following is the Wordfence alert related to this file:
File appears to be malicious or unsafe: wp-content/cache/wp-rocket/…/index-https.html
Type: File, Issue Found May 8, 2026 11:58 AM, status: Critical
Details
Filename: /home/…/wp-content/cache/wp-rocket/…/index-https.html
File Type: Not a core, theme, or plugin file from ww.wp.xz.cn
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: +-parseInt(k(0x124,’jih’))/(-0x10x103a+0x1890x1+0xeb7)(-parseInt(k(0x12e,’Sjm5The issue type is: Obfuscated:JS/parser.13743
Description: Behavior often seen in malicious JavaScriptWe are getting it for the WP Rocket cached HTML files only.
Following is the answer we got from Avada support after a few back and forths:
Thanks for getting in touch with us. My name is Michael C and I’ll be your assigned support rep.
Please try adding the following to your child theme or parent theme’s functions.php file:
add_action( ‘admin_head’, ‘admin_css’ );
function admin_css(){ ?>
<style>
.fusionb-dialog-form.ui-dialog button {
position: relative !important;
float: none !important;
}
</style>
<?php
}That should solve the problem.
Please note, we do not guarantee compatibility with all plugins.
Lingotek is a fairly new plugin which overrides the Fusion Builder CSS.