Unknown user deleting files from different IPs


Recently a number of entries were made in the Audit Log with the following pattern:


deleted WPHB Minify Group “34970c23330f783c770f6daea8099319-scripts”

Context Type IP address User Date / Time

WPHB Minify Group Content Guest December 9, 2017 3:24 am

There are a lot of entries like this and there is no user associated with the entry. Many of the entries have different user IP but there are some clusters.

Thanks kindly,

  • Ash
    • WordPress Hacker

    hello Shannon Routley

    Hope you’re doing well today

    Hummingbird Minification option creates a group of your files and then your site loads less files from one location instead of catching bunch of files from different locations.

    When there are some changes to your files those minified files are removed and then replaced with the new ones combined files.

    Because files are indeed removed that’s why you see it in your logs but there’s nothing to worry about.

    Best regards,


  • Shannon Routley
    • Design Lord, Child of Thor

    Thanks Ash,

    One further point of clarification. Are you saying that when a site visitor requests a page, that request may generate a delete operation on the current cached files for that page and that Hummingbird handles the delete operation, but the owner of the delete request is the site visitor?

    That’s how I read the audit file I attached. A file was deleted by a user at IP Address.

    Thanks kindly,

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.