[Defender Pro] Dfender reports issues

Deffender reports the undernoted 3 “suspicious” files
Can I safely Ignore them?

settings.php /var/web/site/public_html/wp-content/plugins/seo-automatic-wp-core-tweaks/settings.php Suspicious function found
antispam.php /var/web/site/public_html/wp-content/plugins/wp-freshstart5/lib/antispam.php Suspicious function found
gdprfunction.php /var/web/site/public_html/wp-content/plugins/wp-freshstart5/lib/gdpr/gdprfunction.php Suspicious function found

Many thanks for your input
best wishes Patricia

  • Nithin Ramdas
    • Support Wizard

    Hi Patricia ,

    Seems like 2 files are listed from WP Freshstart5 plugin, and one from Core Tweaks WP Setup plugin. Since Core Tweaks WP Setup is a free plugin I could check the plugin file, and could confirm it’s safe, and a false positive which you can mark as ignore.

    Regarding the files listed from WP Freshstart5 it looks like a premium plugin so I couldn’t check the plugin files. The listed files look safe, however, would recommend you to double-check by downloading the latest version of the plugin and comparing the file names listed to ensure they are similar, so you could ignore the files are safe in Defender.

    I hope it’s clear. Please do let us know if you have any further query. Have a nice day.

    Kind Regards,
    Nithin

  • Patricia
    • Wayward Ribbon

    another Defender Question please?

    Hello all

    I have had several recent reports from Defender – on more than 1 site – and on other sites that I haven’t put your tools onto yet, similar reports from Wordfence – about lockouts.
    One week recently I had a report of 40 lockouts from Wordfence.
    here’s the Defender report for acooshla.com
    ========================
    In the past week I’ve put the smack down on 2 hosts for bad behaviour. Here’s a quick summary of the action:

    Total Lockouts: 2

    Last Lockout: December 19, 2019 3:55 am

    404 Lockouts: 2
    ===============================

    Is there any action I should be taking?
    Thanks in advance for the help :slight_smile:
    best wishes Patricia

  • Ash
    • Code Norris

    Hello Patricia

    First of all you can if your site has any 404 link. You can use free online tools like:
    https://www.brokenlinkcheck.com/
    https://www.deadlinkchecker.com/

    There are more you can try.

    If you have any broken links, fix them first. And then, about the lockout I don’t think you need to take any action. Defender is able to handle the spam 404 requesters, it will even blacklist them as per your settings.

    I hope it helps! Please feel free to ask if you have any more questions regarding this.

    Cheers,
    Ash

  • Patricia
    • Wayward Ribbon

    Hello Ash
    thanks a lot for your help
    I’ve done all 19 of the Defender tweaks, so I guess I’m as safe as possible.

    so, I’m trying to get my site trafficcandy.com live because I need it for a launch in January, and I keep hitting problems…

    I took your advice and checked for broken links,
    one appeared

    https://support.mozilla.org/t5/Cookies-and-cache/Enable-and-disable-cookies-that-websites-use-to-track-your/ta-p/2784

    so I immediately installed the 301 plugin – it tells me to re-direct to an active link
    I thought the best thing to do was probably to write an article about tracking cookies and re-direct to that. my article is at https://trafficcandy.com/tracking-cookies

    I’ve never set a 301 in my life and I may well have gotten it wrong.
    But that seemed to be the way fix the link?

    Below is the plugin instruction and how I set it
    Please let me know if I made a mistake?

    ===============================================================
    Add your old path /old-path-from-site/ (don’t forget to start with a forward slash) in the old link field, and the new path /new-path-somewhere/ in the new link field. If you’re redirecting to an external URL add the https:// prefix.
    Name and Section are there for your organization and convenience.

    I set : /old-path-from-site/

    /https://support.mozilla.org/t5/Cookies-and-cache/Enable-and-disable-cookies-that-websites-use-to-track-your/ta-p/2784

    I set: /new-path-somewhere/

    /trafficcandy.com/tracking-cookies/

    ==================================================================
    Did I get it right or have I misunderstood?

    Thanks as always for the help :slight_smile:

    • Dmytro Borovyk
      • Staff

      Hi Patricia,

      The broken link that you’ve found is referenced on your Cookie Policy page. The easiest fix would be replacing the old link with the current working one from Mozilla.org site.

      Open your Cookie Policy page for editing, find and click the broken link, and then click on the pencil icon:

      [attachments are only viewable by logged-in members]

      Paste this new working link there (or any other working link you want):
      https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

      After that update your page and that should be it.

      Redirection plugins usually won’t help in changing external links, but you can use them to redirect some page or post on your site to another one, or to an external link.

      So getting back to your original question about different path formats, basically when redirecting to/from a link which is within your current site, e.g. yourdomain.com/some-path/ , you can skip the domain name, and only leave the remaining part: /some-path/

      A full path with the domain name is only required for external links leading to other sites. And when specifying a domain name as part of your link, make sure it begins with https:// like this: https://example.com/some-path/

      Please note, that no symbols should be placed before https://.

      Best Regards,
      Dmytro