Home › Forums › BulletProof Security Free › Hidden Plugin Folder|Files (HPF) Alert
Tagged: hidden file, hidden plugin, HPF
- This topic has 68 replies, 13 voices, and was last updated 7 years, 9 months ago by AITpro Admin.
-
AuthorPosts
-
AyannaParticipant
I’m posting this only because I think it’s the only way to stop receiving this forum’s follow-up replies via email.
AITpro AdminKeymaster@ bill – If you did not make a copy of the limit-posts.php file before deleting it then use your web host file restore to restore the limit-posts.php file. If you would like for us to check the file then send the file to: info at ait-pro dot com.
AITpro AdminKeymaster@ Ayanna – If you do not want to recieve emails from this forum topic then click the Unsubscribe link or you can also unsubscribe to forum topics in your user profile.
billParticipantEmail sent. Thank you for your reply.
AITpro AdminKeymaster@ bill – The file is an ancient crappy homemade “plugin” that is not malicious and is instead just junk. There is a legitimate plugin named Limit Posts so that is a completely different legitimate plugin. This “plugin” was detected by HPF as a non-standard WordPress file in the plugins folder for obvious reasons. It is a non-standard WP file and since it is a “plugin” it should be in a plugin folder and not just dumped in the plugins folder. Like I said it’s a homemade job. So you can leave the file and just ignore it using the HPF ignore/whitelist tool. Long term I think you should do something about this like find another legit plugin that does what this “plugin” is doing or copy the code in this “plugin” and put it in your Theme functions.php file.
Plugin Name: Limit Posts Plugin URI: http://labitacora.net/comunBlog/limit-post.phps Description: Limits the displayed text length on the index page entries and generates a link to a page to read the full content if its bigger than the selected maximum length. Usage: the_content_limit($max_charaters, $more_link) Version: 1.1 Author: Alfonso Sánchez-Paus Díaz y Julián Simón de Castro Author URI: http://labitacora.net/ License: GPL Download URL: http://labitacora.net/comunBlog/limit-post.phps Make: In file index.php replace the_content() with the_content_limit(1000, "more")
billParticipantThat was the part that was very confusing to me – but you were able to quickly pinpoint the issue with these guys/that mysterious (and quite random) file. That said, Thank You for allotting the time to look into this for me. Last question: If I can restore the display by adding code to the theme functions file, I’ll do that…. Can I copy+paste what you’ve included above (as is)?
AITpro AdminKeymaster@ bill – Nope don’t use what I posted above. You would need to use the actual code in the plugin and obviously your Theme’s index.php template file has been modified as well. That is where the standard “the_content” function has been replaced with this “plugins” the_content_limit(1000, “more”) code. Or you could change your orginal standard “the_content” function in the index.php file back to what it is supposed to be.
AITpro AdminKeymaster@ bill – A legitimate plugin that modifies the Read More excerpt is here: https://wordpress.org/plugins/read-more-excerpt-link/ So put your original theme’s index.php template file back the way it was, delete the limit-posts.php file and install this plugin Read More Excerpt Link.
This plugin: Read More Without Refresh is a little fancier: https://wordpress.org/plugins/read-more-without-refresh/ and uses a js Modal Show/Hide.
billParticipantOk, I’m going to give it a shot… So, to confirm:
1. Change the_content_limit(1000, “more”) back to the_content in the index.php file.
2. Download the cool plugin you’ve located that performs the same/possibly even better function.
Edit: 3. Delete the limit-posts.php file.
Is this correct?Update: this is all I found in my theme’s index.php file:
<?php get_header(); ?> <?php include (TEMPLATEPATH . '/includes/slider.php'); ?> <?php include (ABSPATH . '/wp-content/plugins/logo-slideshow/logo-slider.php'); ?> <?php get_footer(); ?>
JezParticipant[Topic has been merged into this relevant Topic]
I too have problems with the latest update to the free BPS release. I have read previous threads about adding file paths to the teaxt area box of ignore hidden plugins and files but I still get the same warnings. I tried adding the log error php code that you mentioned too. Nothing changed. I now have 14 errors about hidden files or plug-ins. It may be that I am not entering the file name correctly. I assumed I could just copy and paste them from the warnings but this didn’t work. I then just copied the end of the files from plugins… but that didn’t work either, although it did add two new entries saying htacess core – wordpress debugging is turned on and word press debug logging is turned on. It tells me how to turn them off but is it correct to do so.I’m looking for some further help, sorry, I can’t get the other advice to work.
Here is an example of one of the warnings: BPS Hidden Plugin Folder|Files (HPF) Alert
An unrecognized/non-standard WP file was found in your /plugins/ folder. This file may be a hacker file or contain hacker code. If you recognize this file and/or it is safe to ignore this file you can ignore this file check by adding the file name in the Ignore Hidden Plugin Folders & Files textarea box option to make this Alert go away.
File Path: /home/www/mydomain.com/wordpress/wp-content/plugins/wprc-config.php
Last Modified Time: 17/06/2014 @ 22:12
Last Change Time: 22/01/2016 @ 22:11
Last Access Time: 22/01/2016 @ 22:11AITpro AdminKeymaster@ bill – Then the modified code must be in one of your other Theme template files: https://codex.wordpress.org/Theme_Development#Template_Files_List Most likely the modified code is in the single.php or page.php or archive.php template file or maybe the modified code is in all of these Theme template files.
AITpro AdminKeymaster@ Jez – Please read this forum reply: http://forum.ait-pro.com/forums/topic/hidden-plugin-folderfiles-alert/page/2/#post-30151
JezParticipantThank you for your response. I had already read that post. I have entered the file names into the appropriate text box area but they still appear as warnings. I tried adding the log error php code that you mentioned too. No joy there either. ALl the warnings relate to a specific date 22/01/2016 which may just be coincidence I suppose. As I said in my previous note may be I am entering the codes incorrectly. I tried copying and pasting the file path from the warning. That didn’t work. I tried just from plugins and that didn’t work either. I’m afraid I am still in need of some assistance.
AITpro AdminKeymasterDo these steps.
1. Go to the Ignore Hidden Plugin Folders & Files textarea box.
2. Paste this into the textarea box: wprc-config.php
3. Click the Save Plugin Folder|Files Ignore Rules button.If you have other files or folders that you are know are safe and are not hacker files or folders then you would add each of those filenames or folder names using this format (comma and space inbetween each filename or foldername): filename.php, foldername, another-filename.php, another-foldername
billParticipantThanks again for taking the time to look into this for me. Per your instructions, I’ll comb the files and post back with an update…
-
AuthorPosts
- You must be logged in to reply to this topic.