Two file types being quarantined: wpr_uid_tracker & auto_.htaccess

[Mendy Ouzillou]

The file “auto_.htaccess” is getting quarantined. Is this a BPS created file and if so, why is it being quarantined. I saw there were other topics related to this file but the replies were years old, so I thought I would start a new thread.

Also, I have tried to research what the files with the prefix “wpr_uid_tracker” could be, but I have found literally next to nothing about these types of files. I have therefore left these as quarantined, but was wondering if anyone had seen these types of files before.

[AITpro Admin]

The auto_.htaccess file being quarantined is an old problem that has been happening for a decade and will continue to happen for many more decades.  The cause of this problem is the very common misuse of this WP function:  flush_rewrite_rules().

This forum topic gives you 2 options to solve this very annoying issue:  https://forum.ait-pro.com/forums/topic/root-htaccess-file-quarantined-auto_-htaccess-file/

A third option is to exclude your Root htaccess file at the top of the Quarantine page using the Exclude Folders|Files from being checked by AutoRestore form.

What is the full name of the “wpr_uid_tracker” files and the path to these files?  Do you have any plugins installed that would track User ID’s?  An analytics plugin would most likely track User ID’s

[Mendy Ouzillou]

I followed the instructions for the htaccess file so that should now be cleaned up.

OK, the analytics clue helped a great deal. If it is user ID being tracked then most likely Woocommerce Analytics. Otherwise, RankMath may be the culprit. The full source path for the file is /home/gmetaorg/public_html/wp-content/wpr_uid_tracker_7da499a3adafdce6d1451086b1230242

[AITpro Admin]

Dynamically generated files with dynamic file names directly under the /wp-content/ folder cannot be excluded in AutoRestore. The file name must be static. So that you create an exclude rule for that static file name. The solution for this issue would be for the files to be put in a folder under the /wp-content/ folder. Example: /wp-content/example-folder/. You would then be able to exclude the /example-folder from being checked by AutoRestore.

To figure out exactly which plugin is doing this use the BPS Pro > Tools > String|Function Finder tool.  Use this Search String: wpr_uid_tracker and this Search Path: /xxxx/xxxx/public_html/wp-content/plugins/.  Use the Website Root Path displayed to you on the String|Function Finder page and add the additional path to your plugins folder: /wp-content/plugins/

Let me know which plugin it is.

[Mendy Ouzillou]

Well the results came back as a surprise! The offending plugin is https://wpreset.com/.

/home/******/public_html/wp-content/plugins/wp-reset/wp-reset.php, line 6419
$search = glob(trailingslashit(WP_CONTENT_DIR) . ‘wpr_uid_tracker_*’);
/home/******/public_html/wp-content/plugins/wp-reset/wp-reset.php, line 6423
$uid_tracker_file = trailingslashit(WP_CONTENT_DIR) . ‘wpr_uid_tracker_’ . md5(time());

I used to use Updraft and thought I’d try this one because I felt it was more flexible. 🙁

[AITpro Admin]

Ok let me download and test this plugin.

[AITpro Admin]

I downloaded the free version of WP Reset and it does not contain the wpr_uid_tracker code.  I guess only the Pro version uses that code.  Since you paid for the WP Reset Pro plugin then you should be the one to contact them about this.  You can refer them to this forum topic.

[Mendy Ouzillou]

Ok, I will update this thread when I have more info. Thank you for the great insights.

[Mendy Ouzillou]

Here is response from WP Reset:

“Yes, the file was created by WP Reset, and it is entirely harmless. We record the ID of created snapshots, and if there is an error when deleting the snapshots and you have the leftover snapshots, we can check.”

And my response:

“Thank you for the information. I would suggest that this file is moved into a directory associated with WP Reset for your next update. Having this file stored in the wp-content folder makes this file VERY suspicious and it took me a long time to figure out which plugin (or website hack) had stored it there.”

On a related note, I cleared all the quarantined files but I still see the quarantine alert as being active in the Admin. Other alerts are also failing to clear. I have image of this but do not see a way to upload it here.

[AITpro Admin]

Are you clicking the “Reset Last Modified Time in DB” buttons to clear/reset the alerts?  If so, then what is happening is as soon as you clear/reset the alert another alert is generated due to a problem that is occurring repeatedly.  Example: If php errors are occurring repeatedly then clearing the alert will only clear the last php error alert and not any new php error alerts.

Maybe WP Reset does not understand the problem.  Send this response to them:

I use BPS Pro and it has a feature called AutoRestore|Quarantine, which automatically quarantines new files that are automatically created under the wp-content folder.  AutoRestore|Quarantine has a file exclude feature, but dynamically named files cannot be excluded.  If WP Reset dynamically created files were created a in folder such as:  /wp-content/wp-reset/ then the /wp-reset/ folder could be excluded by AutoRestore|Quarantine.  Please either create a new /wp-content/wp-reset/ folder to create your dynamically created files so that I can exclude that folder in BPS Pro.  Or create an option setting where I can turn off dynamically generated WP Reset file creation.

[Author]

Posts