New to the community? Start here

weird security faults

[attachments are only viewable by logged-in members][attachments are only viewable by logged-in members] i have these two faults, i cant delete the one because it has to do with a plugin im using, but do you know what these faults are

Wed, 6 May 2020 12:07:25
More Defender Pro discussions
Defender Pro
  • PTaubman
    • I'm just a Cook

    Hi Tristen De Lange

    I am sure that support will chime in and give an official answer :slight_smile:

    These notices you are seeing are just informational and for you to decide what to do.

    The first one is saying that your error log is a bit large – 3.21 MB. You may want to take a look to see what is listed in there as a large error log may be a sign that something is not right. The fact that the file is listed is just saying this is a large file.

    The next notice is just that – a notice that there is additional code not the site that is not part of the CORE WordPress code. And as you mentioned, you need this which means you know about it, and it is ok to be there. If someone had hacked your site and put code in, you would be notified of the code and it would be a great indication that you should check it out!

    Hope this helps.

  • Dimitris Kalliris
    • Support Team Lead

    Hello Tristen De Lange

    First of all let me tell you that I moved this thread from Members forums that are mainly for interacting with other WPMUDEV members, to Support forums, as this is actually a support question around Defender.

    Things here are like PTaubman mentioned (thanks!)

    Error log files can’t do any harm by themselves, it’s better deleting them though, just so you’re sure that no sensitive info will be available from there.

    As for the file with the suspicious PHP function, as this is coming from WooCommerce and it’s not some kind of hacked file, you can safely ignore it. In general, apart from known vulnerabilities, we check for suspicious functions. This doesn’t mean that all of the reported files should be deleted though, as these functions can also be used in a non-suspicious way. :slight_smile:

    Warm regards,
    Dimitris