I'm Curious what everyone uses for their website security? I recently added the defender plug in from wpmu dev. The following items came up in a scan. It's rather confusing knowing what to do with things like this.
ads.txt
Unknown file in WordPress core
css
This directory does not belong to WordPress core
index.html
Unknown file in WordPress core
index.html.bak
Unknown file in WordPress core
js
This directory does not belong to WordPress core
Join the Discussion
DianeScorpio
Premium
Hi - WA has a full security package including SSL, Botnet Protection, DDoS protection and daily Back-Up.
Reply
Sanjeev23
Premium
I think its got to do with WPMUDEV structure. you can chk out here
https://wpmudev.com/forums/topic/defender-pro-defender-malware-scan-reports-legitimate-files-as-suspicious/
Those files and directories doesn’t belong to default WordPress core installation, even tho those are valid, Defender will show them. It will also show error_log files for example. It is going to point our every file and directory that doesn’t come with WordPress install. In those cases, it will be false positive.
https://wpmudev.com/forums/topic/defender-pro-defender-malware-scan-reports-legitimate-files-as-suspicious/
Those files and directories doesn’t belong to default WordPress core installation, even tho those are valid, Defender will show them. It will also show error_log files for example. It is going to point our every file and directory that doesn’t come with WordPress install. In those cases, it will be false positive.
jghwebbrand
Premium
Here is some security with WA servers and hosting for websites.
https://www.wealthyaffiliate.com/websites/
https://www.wealthyaffiliate.com/hosting/
https://www.wealthyaffiliate.com/websites/
https://www.wealthyaffiliate.com/hosting/
AbieAJ
Premium Plus
If you site is hosted here, there's no need however you may check out with site support
https://my.wealthyaffiliate.com/websites/support
https://my.wealthyaffiliate.com/websites/support
AbieAJ
Premium Plus
However if hosted elsewhere, I have preference for Sucuri
You may check out below resource
https://kinsta.com/blog/wordpress-security-plugins/
You may check out below resource
https://kinsta.com/blog/wordpress-security-plugins/
Pamshooter
Premium Plus
.well-known
This directory does not belong to WordPress core
This file also showed up. I added it to an ignore list, after deleting it last night, which was a mistake. One I don't really know what I am doing, and two it caused me to not be able to get into my back office. I am hosted here by the way. I am just curious what others use for site security. I have received emails from moz, and other seo monitoring places that I have bad back links etc on my site. So I decided to do a scan with a plug in to see what was up. No one really indicates what kind of security WA does with our websites.
This directory does not belong to WordPress core
This file also showed up. I added it to an ignore list, after deleting it last night, which was a mistake. One I don't really know what I am doing, and two it caused me to not be able to get into my back office. I am hosted here by the way. I am just curious what others use for site security. I have received emails from moz, and other seo monitoring places that I have bad back links etc on my site. So I decided to do a scan with a plug in to see what was up. No one really indicates what kind of security WA does with our websites.
AbieAJ
Premium Plus
If hosted here, we don't use because WA hosting is robust, however do not take my word for it, I'd contact site support and confirm.
Hope this helps.
Hope this helps.
