SECURITY LOG GETTING FLAGGED BY IMUNIFYAV

[OCALA DESIGNS]

For some reason, ImunifyAV keeps flagging this file. Even after I delete it in the BPS plugin, it gets flagged when it’s empty. Thoughts?

	
/home/SITEDIRECTORY/public_html/wp-content/bps-backup/logs/http_error_log.txt

The reason is: Infected with SMW-INJ-18355-php.bkdr.upldr-8

[OCALA DESIGNS]

And it’s not all the sites on the server, just this one site which is odd.

[AITpro Admin]

An attack occurred on your website that was blocked and logged in the Security Log file.  Most likely a POST Request attack.  ImunifyAV is a malware scanner.  Malware scanners search for matching patterns and virus signatures.  So ImunifyAV is seeing a matching pattern in the Security Log text file.  I assume that since you are still seeing an ImunifyAV warning then it is showing what it found in the past and not what currently exists (until the next scan occurs).

To prevent this from happening in the future > Go to the Security Log page > POST Request Body Data > select this checkbox > Do Not Log POST Request Body Data (0KB) and uncheck the other 2 checkboxes if they are checked.  Save your new settings.

[OCALA DESIGNS]

That’s the thing, I can delete the log using the button on the security log page, then manually rescan the site and it pops again for some reason as being infected even though the log is empty. I verified those settings and they are already set as you stated by default. Maybe I’ll have to write a rule to skip this particular file in imunifyav?

[AITpro Admin]

Imunify360, which I think is the same thing as ImunifyAV has an Ignore feature > https://docs.imunify360.com/user_interface/#files

[AITpro Admin]

It looks like Imunify360 and ImunifyAV are different product versions, but ImunifyAV has the same ignore tool > https://docs.imunify360.com/imunifyav/#end-user-interface

[Author]

Posts