Skipped folders/files

Home Forums Support Forum Skipped folders/files

This topic contains 7 replies, has 2 voices, and was last updated by  Anti-Malware Admin 8 months, 1 week ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #105195

    LP PL
    Member

    Hi. My site was hacked and after setting up wordfence I also downloaded your plugin to run a scan with as well. One file in quarantine, which wordfence did not pick up in the first place, however your scan is skipping a folder and lots of files. Could you please elaborate, why those files/folder being skipped? Attaching a screenshot on wetransfer with the skipped list

    https://we.tl/t-f1yuco373S

    #105206

    Anti-Malware Admin
    Key Master

    If you hover your mouse over each of those skipped files then it will give you an individual explanation. I expect that most of those are skipped because they are empty (no need to scan an empty file), but some may also be skipped because of the file type.

    Please let me know if you this solution satisfies your curiosity, or if there are still some file on that list that concern you then please send me those details.

    #105231

    LP PL
    Member

    Thank you so much for your reply, really appreciate it.

    So, I ran the scan once again. I got

     

    1 skipped folder – hovering does not work

    …/httpdocs/wp-admin/css/colors/blue/blue

     

    115 skipped files – it seems that most of files skipped due to file size (0 bytes/too many bytes)

    …/httpdocs/wp-content/logs/newsletter/index.html

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.css

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.css.map

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.less

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.min.css

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.css

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.css.map

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.less

    …/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.min.css

    …/httpdocs/wp-content/plugins/complianz-gdpr/gutenberg/src/index.min.js

    …/httpdocs/wp-content/plugins/complianz-gdpr/templates/integrations/custom-scripts-footer.php

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-app-bar.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-documents.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-panels.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-responsive.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-site-navigation.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-v1-adapters.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/env.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/icons.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/locations.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/query.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/store.strings.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/ui.js

    …/httpdocs/wp-content/plugins/elementor/assets/js/packages/ui.strings.js

    …/httpdocs/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css

    …/httpdocs/wp-content/plugins/envato-elements/src/js/react/components/SearchResults/Photos.jsx

    …/httpdocs/wp-content/plugins/envato-elements/src/js/react/components/SearchResults/PremiumTemplateKits.jsx

    …/httpdocs/wp-content/plugins/interactive-geo-maps/vendor/freemius/wordpress-sdk/assets/scss/_functions.scss

    …/httpdocs/wp-content/plugins/interactive-geo-maps/vendor/hassankhan/config/tests/mocks/pass/empty.yaml

    …/httpdocs/wp-content/plugins/powerpack-lite-for-elementor/assets/scss/variables/_magnific-popup.scss

    …/httpdocs/wp-content/plugins/really-simple-ssl/assets/css/admin/modules/animations.scss

    …/httpdocs/wp-content/plugins/really-simple-ssl/assets/css/admin/modules/ssltest.scss

    …/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_classmap.php

    …/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_namespaces.php

    …/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_psr4.php

    …/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_real.php

    …/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_static.php

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/jui/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/jui/new/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/images/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/inc_php/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/inc_php/framework/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/js/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/js/farbtastic/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/system/index.html

    …/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/templates/index.html

    …/httpdocs/wp-content/plugins/wordfence/css/license/response-variables.1690810710.css

    …/httpdocs/wp-content/plugins/wordfence/lib/GeoLite2-Country.mmdb

    …/httpdocs/wp-content/uploads/2018/08/beach-beachlife-blue-1011317.jpg

    …/httpdocs/wp-content/uploads/2018/08/beach-high-angle-shot-island-673865-1.jpg

    …/httpdocs/wp-content/uploads/2018/08/beach-high-angle-shot-island-673865.jpg

    …/httpdocs/wp-content/uploads/2018/08/cliffs-climbing-clouds-746421.jpg

    …/httpdocs/wp-content/uploads/2018/09/adventure-dark-explorer-42148.jpg

    …/httpdocs/wp-content/uploads/2018/09/bavaria-constellations-cosmos-1205301.jpg

    …/httpdocs/wp-content/uploads/2018/09/willian-justen-de-vasconcellos-445506.jpg

    …/httpdocs/wp-content/uploads/2018/11/16subatfuarplan.jpg

    …/httpdocs/wp-content/uploads/2018/11/24-cell.gif

    …/httpdocs/wp-content/uploads/2018/11/576f037b65f89669e80fc031180bc6da.gif

    …/httpdocs/wp-content/uploads/2018/11/hal-gatewood-405338-unsplash.jpg

    …/httpdocs/wp-content/uploads/2018/11/source-2.gif

    …/httpdocs/wp-content/uploads/2019/01/TMS-Show-Floor-002.jpg

    …/httpdocs/wp-content/uploads/2019/03/sonnie-hiles-741947-unsplash.jpg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-11.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-12.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-13.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-14.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-2.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-25.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-26.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-28.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-3.jpeg

    …/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-4.jpeg

    …/httpdocs/wp-content/uploads/2019/08/imgpsh_fullsize-1.jpeg

    …/httpdocs/wp-content/uploads/2019/09/limnos-village-pool.jpeg

    …/httpdocs/wp-content/uploads/2019/09/limnos-village-restaurant.jpeg

    …/httpdocs/wp-content/uploads/2020/01/ace-of-mice-fuar-videosu-21.11.19.mp4

    …/httpdocs/wp-content/uploads/2021/01/satte-2020_EVENT-GUIDE_compressed.pdf

    …/httpdocs/wp-content/uploads/2021/04/unnamed-file.jpeg

    …/httpdocs/wp-content/uploads/2021/06/Basket.jpg

    …/httpdocs/wp-content/uploads/2021/06/Watermill.jpg

    …/httpdocs/wp-content/uploads/2022/03/israel-palacio-ImcUkZ72oUs-unsplash.jpg

    …/httpdocs/wp-content/uploads/elements/template-97-1552597427/sonnie-hiles-741947-unsplash.jpg

    …/httpdocs/wp-content/uploads/essential-addons-elementor/eael-2630.js

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-194.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3305.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3343.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3380.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3503.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3774.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3845.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3883.css

    …/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3950.css

    …/httpdocs/wp-content/uploads/unlimited_elements_cache/index.html

    …/httpdocs/wp-content/uploads/unlimited_elements_cache/export/layouts/ariadne_in_naxos_template_sos_elementor_template.zip

    …/httpdocs/wp-content/uploads/unlimited_elements_cache/export/layouts/index.html

    …/httpdocs/wp-content/uploads/wpforms/cache/index.html

    …/httpdocs/wp-content/wflogs/GeoLite2-Country.mmdb

    …/httpdocs/wp-content/uploads/2020/06/Ao_Nang_Beach_Yoga_MP4_HDV_1080p25__TanuriX_Stock_Footage_NS.mp4

    …/httpdocs/wp-content/uploads/2020/06/DJI_0597.jpg

    …/httpdocs/wp-content/uploads/2020/06/Pexels-Videos-1093652.mp4

    …/httpdocs/wp-content/uploads/2020/06/clarisse-meyer-fkW6HF9_UdY-unsplash.jpg

    …/httpdocs/wp-content/uploads/2020/06/photo-of-woman-sitting-on-boat-spreading-her-arms-1371360.jpg

    …/httpdocs/wp-content/uploads/2020/06/video9.mp4

    …/httpdocs/wp-content/uploads/2021/11/peter-chirkov-0-L34rULWt4-unsplash-min.jpg

    …/httpdocs/wp-content/uploads/2021/11/pexels-george-desipris-6527117-min.jpg

     

    4 scan/read errors – “Failed to read this file! [-rw-r-r-] (773072 readable?)” Where 773072 some other number for the other three

    …/httpdocs/wp-content/plugins/wpforms-lite/assets/css/admin.css

    …/httpdocs/wp-content/plugins/wpforms-lite/assets/css/integrations/divi/wpforms-modern-full.css

    …/httpdocs/wp-includes/js/dist/date.js

    …/httpdocs/wp-includes/js/dist/date.min.js

     

    My question is, what do I with these? Do I leave them as they are and do nothing or do I actively seek out to scan them somehow as well? I would opt for the 2nd option, leave nothing unscanned, but do you have any suggestions as to how?

    Thanks again!

     

    #105234

    LP PL
    Member

    I ran the scan on another client’s website as well and I got 8 skipped folders – for all of them hovering over with the mouse says “Failed to read this file! [-rw-r-r-] (773565 Undefined Index:dir)

     

    httpdocs/wp-content/plugins/wpforms-lite/assets/css/admin.css

    httpdocs/wp-content/plugins/wpforms-lite/assets/css/integrations/divi/wpforms-modern-full.css

    httpdocs/wp-content/uploads/2020/11/FLU_8152-1024×684.jpg

    httpdocs/wp-content/uploads/2020/11/FLU_8152-150×150.jpg

    httpdocs/wp-content/uploads/2020/11/FLU_8152-1536×1025.jpg

    httpdocs/wp-content/uploads/2020/11/FLU_8152-300×200.jpg

    httpdocs/wp-includes/js/dist/date.js

    httpdocs/wp-includes/js/dist/date.min.js

     

    Both setups WordPress 6.3 and PHP 7.3.33 (I should update the PHP, I know, but whenever I do my site breaks down. I should probably ask my host to assist me on this one)

    #105244

    Anti-Malware Admin
    Key Master

    That first folder that could not be scanned should not even exist:
    …/httpdocs/wp-admin/css/colors/blue/blue
    There should not be another blue folder inside wp-admin/css/colors/blue/
    My guess is that it was skipped because it is a recursive symlink to the parent folder so it would be a needless infinite deep dir to go exploring that path. So You can look on your server to see what is in there but I would advise that you just delete it.

    Also, a lot of the files you are listing should not even be scanned in the first place. I assume that you have modified the default list of extensions in the “Skip files with the following extensions” field on the settings page. This is not recommended, as those file types are skipped for a reason. There is no need to scan large binary files that cannot be executed on the server anyway. It is true that you could hide some PHP code in some of those files but it could not be executed without an include statement run from within a PHP file, that why my plugin will look for those malicious include statements.

    So my plugin generally does a good job of finding the threat without wasting time and server resources searching non-executable code in large binary files, and you will find that the scans are much faster if you restore the default settings there.

    #105246

    Anti-Malware Admin
    Key Master

    There is one thing that troubles me about that error you received about the skipped folders in your last post, where it said “Undefined Index:dir” at the end. could you look in the error_log files on your server to get the details of that particular Warning?

    #105291

    LP PL
    Member

    Yes, I did remove the file type limitations supposing that I should scan literally everything. Thanks for clarifying this. I shall also delete the /blue/blue folders.

    About the “Undefined Index:dir” could you please direct me as to where I can find the error_log files? Do you mean my server’s error logs or is there a directory where your plugin stores error logs? 

    #105294

    Anti-Malware Admin
    Key Master

    The error_log are stored in different places depending on the hosting configuration. You will need to ask you hosting provider where those logs can be found. However, it may be a moot point as I have just release a new plugin update that should fix that error no matter where is was coming from.

    As for the blue/blue folders, the wp-admin/css/colors/blue folder itself should be there and it should have CSS files in it, but there should not be another blue folder inside that wp-admin/css/colors/blue/ directory. The second lever blue folder is probably only a symlink to the first one, so that second one is all that should be deleted.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

Comments are closed.