sucuri-settings.php

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
Post Reply
happydog
Junior Member
Posts: 20
Joined: 16 Feb 2015, 15:26

sucuri-settings.php

Post by happydog »

As of today I am getting hundreds of "Hit" emails out of the blue regarding the Wordpress plugin file:

'/wp-content/uploads/sucuri/sucuri-settings.php'

(quarantined to /home/quarantine/cxsuser/[user]/sucuri-settings.php.1521654621_1) Known exploit = [Fingerprint Match]

The quarantined file contains the following file contents:

<?php exit(0); ?>
{"sucuriscan_lastlogin_redirection":"enabled","sucuriscan_revproxy":"disabled"}

Perhaps there was a rules update last night, and if so, are these all false positives? Anyone else getting this today?

Greg
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: sucuri-settings.php

Post by ForumAdmin »

happydog
Junior Member
Posts: 20
Joined: 16 Feb 2015, 15:26

Re: sucuri-settings.php

Post by happydog »

Thanks! That seemed to fix it. I was wondering - when something mission critical happens like that that had us scurrying around trying to figure out what was going on - do you have an alert list we can sign up for that would have sent an email to registered users? I searched the forum before submitting my post but never found the "cxs False Positives" post. Regardless, thanks for the great software. We couldn't live without it!
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: sucuri-settings.php

Post by ForumAdmin »

The best thing to do is to sign up to our blog either by the RSS feed or the twitter account (see the blog).
happydog
Junior Member
Posts: 20
Joined: 16 Feb 2015, 15:26

Re: sucuri-settings.php

Post by happydog »

Will do, thanks!
Post Reply