Defender report - Action to take


Please see screendump of defender report.

What actions should I take here? I don't want to delete files that might mess up the site.

Also why does it see phpinfo.php two times? I checked the core files from FTP and could only find one file. And the code inside only contains this:
<?php phpinfo(); ?>

  • Predrag Dubajic

    Hey Hamid,

    How are you today? :)

    I was testing Defender yesterday and noticed the issue with the same file being reported twice, and our developers are already notified about that.
    Resolving one removed both reports for me so it should do that for you as well.

    About the reported files, the info.php file is something that provides PHP information on your site and it should only be there while debugging something on your site.
    You should remove it as the file is publicly accessible and provides information about your PHP which can be used to find weak spots in your installation.

    wordfence-waf.php is part of the Wordfence plugin but it's not part of the default WP files and that's why Defender reports it in the results.
    We are working on adding an option to whitelist files completely but for now you can ignore this report.

    It's a similar thing with the php.ini files: they are not part of core WP files, which is why Defender shows them as a potential threat.
    These are most likely added in order to change certain PHP settings and possibly by Wordfence as well.
    You should be fine with ignoring these two reports as well.

    As for the mpdf.php, I've scanned the WooCommerce PDF Invoices plugin on my installation and got the same report.
    The file itself is quite large (over 30.000 lines of code) so I'll need to check this report with developers for more info.

    Best regards,
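
Added example, not part of the original thread and not Defender's own code: a heuristic audit that walks a document root and lists PHP files containing a `phpinfo()` call, like the debug file discussed in the reply above. The function names, directory layout and sample files are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic: drop /* ... */ blocks and //, # line comments so a commented-out
# call is not flagged. Comment markers inside string literals are not handled.
COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
# PHP function names are case-insensitive and whitespace may precede "(".
# The lookbehind skips method calls and longer names such as my_phpinfo().
PHPINFO_CALL = re.compile(r"(?<![\w$>:])phpinfo\s*\(", re.I)

def find_phpinfo_files(webroot):
    """Return sorted relative paths of .php files under webroot that call phpinfo()."""
    root = Path(webroot)
    hits = []
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() != ".php":
            continue
        source = path.read_text(encoding="utf-8", errors="replace")
        if PHPINFO_CALL.search(COMMENTS.sub("", source)):
            hits.append(path.relative_to(root).as_posix())
    return sorted(hits)

def build_sample_site(root):
    """Constructed sample tree standing in for a WordPress document root."""
    root = Path(root)
    (root / "wp-includes").mkdir()
    # The debug file from the thread: must be reported.
    (root / "info.php").write_text("<?php phpinfo(); ?>")
    # Mixed case and a space before the parenthesis: still a live call.
    (root / "wp-includes" / "debug.php").write_text("<?php\nPHPInfo ();\n")
    # Commented-out call: must not be reported.
    (root / "index.php").write_text("<?php // phpinfo();\nrequire 'wp-blog-header.php';\n")
    # Not a PHP file: ignored.
    (root / "notes.txt").write_text("remember to delete the phpinfo() page")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp)
        for rel in find_phpinfo_files(tmp):
            print("phpinfo() call found:", rel)
```

Run it against a local copy of the site (for example one pulled over FTP) and review each hit before deleting anything.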