• GoDaddy Community
  • Websites + Marketing | Website Builders
  • Websites + Marketing | Website Builders

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    New

    Wordfence Security found a whole bunch of puzzling problems on my site

    I will check with Wordpress and the app provider, but I'm wondering if my Godaddy.com info has been hacked.  Any ideas?

    Thanks.

     

    This email was sent from your website "xxxxx" by the Wordfence plugin.

    Wordfence found the following new issues on "xxxxx".

    Alert generated at Tuesday 26th of July 2016 at 03:45:41 AM

    Warnings:

    * Unknown file in WordPress core: wp-admin/_vti_cnf/import.php

    * Unknown file in WordPress core: wp-admin/_vti_cnf/install.php

    * Unknown file in WordPress core: wp-admin/_vti_cnf/update-core.php

    * Unknown file in WordPress core: wp-admin/_vti_cnf/upgrade.php

    * Unknown file in WordPress core: wp-admin/css/_vti_cnf/color-picker-rtl.css

    * Unknown file in WordPress core: wp-admin/css/_vti_cnf/color-picker-rtl.min.css

    * Unknown file in WordPress core: wp-admin/css/_vti_cnf/color-picker.css

    * Unknown file in WordPress core: wp-admin/css/_vti_cnf/color-picker.min.css

    4 REPLIES 4
    Moderator

    Hi @JohnLA

    I'm not aware of any issues.
    However, those folder names seem to match what Microsoft Frontpage uses for folder names. If you have used that or recently connected to your hosting plan with it, it might have automatically created those folders.
    They could have also been automatically created by a plugin update or upgrade.
    If you are concerned that you site was compromised, I suggest immediately changing your WordPress password, your FTP password, and your GoDaddy account password. You may also want to consider changing the password of your primary email account.
    ^Gary

    Gary - GoDaddy | Community Moderator
    24/7 Support | Check System Status

    Cheesy

    After changing all connections to the site and resetting the site back a month - i am still getting messages of issues with the wordpress core having unknown files.

     

    Unknown file in WordPress core: wp-admin/js/wp-fullscreen.js

    * Unknown file in WordPress core: wp-admin/js/wp-fullscreen.min.js

    * Unknown file in WordPress core: wp-includes/js/tinymce/plugins/wpfullscreen/plugin.js

    * Unknown file in WordPress core: wp-includes/js/tinymce/plugins/wpfullscreen/plugin.min.js

    * Unknown file in WordPress core: wp-includes/js/tinymce/wp-mce-help.php

    * Unknown file in WordPress core: wp-includes/theme-compat/comments-popup.php

    Hey @tesha!

     

    Are you using the TinyMCE Advanced plugin? Those files appear to be related to that plugin.

     

    Heather - GoDaddy | Community Moderator
    24/7 support available at x.co/247support