goodshell.php and cp.php questions

Are goodshell.php or cp.php files that have any usage or are they likely malicious? They were found in a wordpress site root.

  • Adam Czajczyk

    Hello Corn,

    I hope you're well today and thank you for your question!

    Those are certainly no WordPress core files and also no plugin should put files into a root folder. However, it's difficult to say whether they are malicious or not: I couldn't find any reports about these files on the web but it's also important to know that the filename doesn't necessarily mean anything. The file content is what matters.

    I think it would be best to ask your host first if these files come from them as some hosts do put additional .php files in WP root folder. If they don't come from them or they are not able to help you, please post content of these files, preferably put them into service

    and share a link with me here. I'll then review the files and that should let me give you more conclusive answer.

    Best regards,

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.