Home › Forums › Support Forum › Skipped folders/files
This topic contains 7 replies, has 2 voices, and was last updated by Anti-Malware Admin 1 year, 3 months ago.
-
AuthorPosts
-
August 11, 2023 at 10:20 am #105195
Hi. My site was hacked and after setting up wordfence I also downloaded your plugin to run a scan with as well. One file in quarantine, which wordfence did not pick up in the first place, however your scan is skipping a folder and lots of files. Could you please elaborate, why those files/folder being skipped? Attaching a screenshot on wetransfer with the skipped list
August 11, 2023 at 11:48 am #105206If you hover your mouse over each of those skipped files then it will give you an individual explanation. I expect that most of those are skipped because they are empty (no need to scan an empty file), but some may also be skipped because of the file type.
Please let me know if you this solution satisfies your curiosity, or if there are still some file on that list that concern you then please send me those details.
August 12, 2023 at 2:31 am #105231Thank you so much for your reply, really appreciate it.
So, I ran the scan once again. I got
1 skipped folder – hovering does not work
…/httpdocs/wp-admin/css/colors/blue/blue
115 skipped files – it seems that most of files skipped due to file size (0 bytes/too many bytes)
…/httpdocs/wp-content/logs/newsletter/index.html
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.css
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.css.map
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.less
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/optin.min.css
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.css
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.css.map
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.less
…/httpdocs/wp-content/plugins/complianz-gdpr/cookiebanner/css/settings/animation/none.min.css
…/httpdocs/wp-content/plugins/complianz-gdpr/gutenberg/src/index.min.js
…/httpdocs/wp-content/plugins/complianz-gdpr/templates/integrations/custom-scripts-footer.php
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-app-bar.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-documents.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-panels.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-responsive.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-site-navigation.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor-v1-adapters.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/editor.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/env.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/icons.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/locations.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/query.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/store.strings.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/ui.js
…/httpdocs/wp-content/plugins/elementor/assets/js/packages/ui.strings.js
…/httpdocs/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css
…/httpdocs/wp-content/plugins/envato-elements/src/js/react/components/SearchResults/Photos.jsx
…/httpdocs/wp-content/plugins/envato-elements/src/js/react/components/SearchResults/PremiumTemplateKits.jsx
…/httpdocs/wp-content/plugins/interactive-geo-maps/vendor/freemius/wordpress-sdk/assets/scss/_functions.scss
…/httpdocs/wp-content/plugins/interactive-geo-maps/vendor/hassankhan/config/tests/mocks/pass/empty.yaml
…/httpdocs/wp-content/plugins/powerpack-lite-for-elementor/assets/scss/variables/_magnific-popup.scss
…/httpdocs/wp-content/plugins/really-simple-ssl/assets/css/admin/modules/animations.scss
…/httpdocs/wp-content/plugins/really-simple-ssl/assets/css/admin/modules/ssltest.scss
…/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_classmap.php
…/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_namespaces.php
…/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_psr4.php
…/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_real.php
…/httpdocs/wp-content/plugins/really-simple-ssl/vendor/composer/autoload_static.php
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/jui/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/css/jui/new/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/images/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/inc_php/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/inc_php/framework/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/js/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/js/farbtastic/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/system/index.html
…/httpdocs/wp-content/plugins/unlimited-elements-for-elementor/views/templates/index.html
…/httpdocs/wp-content/plugins/wordfence/css/license/response-variables.1690810710.css
…/httpdocs/wp-content/plugins/wordfence/lib/GeoLite2-Country.mmdb
…/httpdocs/wp-content/uploads/2018/08/beach-beachlife-blue-1011317.jpg
…/httpdocs/wp-content/uploads/2018/08/beach-high-angle-shot-island-673865-1.jpg
…/httpdocs/wp-content/uploads/2018/08/beach-high-angle-shot-island-673865.jpg
…/httpdocs/wp-content/uploads/2018/08/cliffs-climbing-clouds-746421.jpg
…/httpdocs/wp-content/uploads/2018/09/adventure-dark-explorer-42148.jpg
…/httpdocs/wp-content/uploads/2018/09/bavaria-constellations-cosmos-1205301.jpg
…/httpdocs/wp-content/uploads/2018/09/willian-justen-de-vasconcellos-445506.jpg
…/httpdocs/wp-content/uploads/2018/11/16subatfuarplan.jpg
…/httpdocs/wp-content/uploads/2018/11/24-cell.gif
…/httpdocs/wp-content/uploads/2018/11/576f037b65f89669e80fc031180bc6da.gif
…/httpdocs/wp-content/uploads/2018/11/hal-gatewood-405338-unsplash.jpg
…/httpdocs/wp-content/uploads/2018/11/source-2.gif
…/httpdocs/wp-content/uploads/2019/01/TMS-Show-Floor-002.jpg
…/httpdocs/wp-content/uploads/2019/03/sonnie-hiles-741947-unsplash.jpg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-11.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-12.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-13.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-14.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-2.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-25.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-26.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-28.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-3.jpeg
…/httpdocs/wp-content/uploads/2019/07/imgpsh_fullsize_anim-4.jpeg
…/httpdocs/wp-content/uploads/2019/08/imgpsh_fullsize-1.jpeg
…/httpdocs/wp-content/uploads/2019/09/limnos-village-pool.jpeg
…/httpdocs/wp-content/uploads/2019/09/limnos-village-restaurant.jpeg
…/httpdocs/wp-content/uploads/2020/01/ace-of-mice-fuar-videosu-21.11.19.mp4
…/httpdocs/wp-content/uploads/2021/01/satte-2020_EVENT-GUIDE_compressed.pdf
…/httpdocs/wp-content/uploads/2021/04/unnamed-file.jpeg
…/httpdocs/wp-content/uploads/2021/06/Basket.jpg
…/httpdocs/wp-content/uploads/2021/06/Watermill.jpg
…/httpdocs/wp-content/uploads/2022/03/israel-palacio-ImcUkZ72oUs-unsplash.jpg
…/httpdocs/wp-content/uploads/elements/template-97-1552597427/sonnie-hiles-741947-unsplash.jpg
…/httpdocs/wp-content/uploads/essential-addons-elementor/eael-2630.js
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-194.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3305.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3343.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3380.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3503.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3774.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3845.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3883.css
…/httpdocs/wp-content/uploads/themeisle-gutenberg/post-3950.css
…/httpdocs/wp-content/uploads/unlimited_elements_cache/index.html
…/httpdocs/wp-content/uploads/unlimited_elements_cache/export/layouts/ariadne_in_naxos_template_sos_elementor_template.zip
…/httpdocs/wp-content/uploads/unlimited_elements_cache/export/layouts/index.html
…/httpdocs/wp-content/uploads/wpforms/cache/index.html
…/httpdocs/wp-content/wflogs/GeoLite2-Country.mmdb
…/httpdocs/wp-content/uploads/2020/06/Ao_Nang_Beach_Yoga_MP4_HDV_1080p25__TanuriX_Stock_Footage_NS.mp4
…/httpdocs/wp-content/uploads/2020/06/DJI_0597.jpg
…/httpdocs/wp-content/uploads/2020/06/Pexels-Videos-1093652.mp4
…/httpdocs/wp-content/uploads/2020/06/clarisse-meyer-fkW6HF9_UdY-unsplash.jpg
…/httpdocs/wp-content/uploads/2020/06/photo-of-woman-sitting-on-boat-spreading-her-arms-1371360.jpg
…/httpdocs/wp-content/uploads/2020/06/video9.mp4
…/httpdocs/wp-content/uploads/2021/11/peter-chirkov-0-L34rULWt4-unsplash-min.jpg
…/httpdocs/wp-content/uploads/2021/11/pexels-george-desipris-6527117-min.jpg
4 scan/read errors – “Failed to read this file! [-rw-r-r-] (773072 readable?)” Where 773072 some other number for the other three
…/httpdocs/wp-content/plugins/wpforms-lite/assets/css/admin.css
…/httpdocs/wp-content/plugins/wpforms-lite/assets/css/integrations/divi/wpforms-modern-full.css
…/httpdocs/wp-includes/js/dist/date.js
…/httpdocs/wp-includes/js/dist/date.min.js
My question is, what do I with these? Do I leave them as they are and do nothing or do I actively seek out to scan them somehow as well? I would opt for the 2nd option, leave nothing unscanned, but do you have any suggestions as to how?
Thanks again!
August 12, 2023 at 2:45 am #105234I ran the scan on another client’s website as well and I got 8 skipped folders – for all of them hovering over with the mouse says “Failed to read this file! [-rw-r-r-] (773565 Undefined Index:dir)
httpdocs/wp-content/plugins/wpforms-lite/assets/css/admin.css
httpdocs/wp-content/plugins/wpforms-lite/assets/css/integrations/divi/wpforms-modern-full.css
httpdocs/wp-content/uploads/2020/11/FLU_8152-1024×684.jpg
httpdocs/wp-content/uploads/2020/11/FLU_8152-150×150.jpg
httpdocs/wp-content/uploads/2020/11/FLU_8152-1536×1025.jpg
httpdocs/wp-content/uploads/2020/11/FLU_8152-300×200.jpg
httpdocs/wp-includes/js/dist/date.js
httpdocs/wp-includes/js/dist/date.min.js
Both setups WordPress 6.3 and PHP 7.3.33 (I should update the PHP, I know, but whenever I do my site breaks down. I should probably ask my host to assist me on this one)
August 12, 2023 at 5:36 am #105244That first folder that could not be scanned should not even exist:
…/httpdocs/wp-admin/css/colors/blue/blue
There should not be another blue folder inside wp-admin/css/colors/blue/
My guess is that it was skipped because it is a recursive symlink to the parent folder so it would be a needless infinite deep dir to go exploring that path. So You can look on your server to see what is in there but I would advise that you just delete it.Also, a lot of the files you are listing should not even be scanned in the first place. I assume that you have modified the default list of extensions in the “Skip files with the following extensions” field on the settings page. This is not recommended, as those file types are skipped for a reason. There is no need to scan large binary files that cannot be executed on the server anyway. It is true that you could hide some PHP code in some of those files but it could not be executed without an include statement run from within a PHP file, that why my plugin will look for those malicious include statements.
So my plugin generally does a good job of finding the threat without wasting time and server resources searching non-executable code in large binary files, and you will find that the scans are much faster if you restore the default settings there.
August 12, 2023 at 5:42 am #105246There is one thing that troubles me about that error you received about the skipped folders in your last post, where it said “Undefined Index:dir” at the end. could you look in the error_log files on your server to get the details of that particular Warning?
August 13, 2023 at 4:27 am #105291Yes, I did remove the file type limitations supposing that I should scan literally everything. Thanks for clarifying this. I shall also delete the /blue/blue folders.
About the “Undefined Index:dir” could you please direct me as to where I can find the error_log files? Do you mean my server’s error logs or is there a directory where your plugin stores error logs?
August 13, 2023 at 5:17 am #105294The error_log are stored in different places depending on the hosting configuration. You will need to ask you hosting provider where those logs can be found. However, it may be a moot point as I have just release a new plugin update that should fix that error no matter where is was coming from.
As for the blue/blue folders, the wp-admin/css/colors/blue folder itself should be there and it should have CSS files in it, but there should not be another blue folder inside that wp-admin/css/colors/blue/ directory. The second lever blue folder is probably only a symlink to the first one, so that second one is all that should be deleted.
-
AuthorPosts
You must be logged in to reply to this topic.