javascript - Sucuri 404javascript.js security issue or internal server error - Stack Overflow

Just ran a scan and says that:404javascript.js is the infected URL:Site error detected.Details: ph

Just ran a scan and says that:

/404javascript.js is the infected URL: Site error detected.
Details: php-error-headers-already-sent

Warning:

Cannot modify header information - headers already sent by (output started at /home/myfreeca/public_html/wp- content/themes/valenti/header.php:86) in /home/myfreeca/public_html/wp-includes/pluggable.php on line 920

Its classed as 'Malware' via the Sucur test within iThemes, but as an 'Internal Server error' when checking the Sucur site. No 404javascript.js when I browse ftp either?

Line 920 of pluggable.php:

setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );

Line 86 of header.php:

<!--[if lt IE 7]><html <?php language_attributes(); ?> class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->

Site functioning fine as I can tell, not sure if I have a security issue or just that I need to make a little change where required?

Anyone???

Just ran a scan and says that:

/404javascript.js is the infected URL: Site error detected.
Details: php-error-headers-already-sent

Warning:

Cannot modify header information - headers already sent by (output started at /home/myfreeca/public_html/wp- content/themes/valenti/header.php:86) in /home/myfreeca/public_html/wp-includes/pluggable.php on line 920

Its classed as 'Malware' via the Sucur test within iThemes, but as an 'Internal Server error' when checking the Sucur site. No 404javascript.js when I browse ftp either?

Line 920 of pluggable.php:

setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );

Line 86 of header.php:

<!--[if lt IE 7]><html <?php language_attributes(); ?> class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->

Site functioning fine as I can tell, not sure if I have a security issue or just that I need to make a little change where required?

Anyone???

Share Improve this question edited May 20, 2016 at 16:37 amze77 asked May 13, 2016 at 12:02 amze77amze77 371 gold badge2 silver badges4 bronze badges
Add a ment  | 

2 Answers 2

Reset to default 3

See https://security.stackexchange./questions/29573/sucuri-giving-false-positive-with-their-free-online-scanner-because-of-an-htacc

I believe this is Sucuri's way of testing a WP site for malicious code or security errors. It looks for 404javascript.js and for 404testpage4525d2fdc to ascertain certain tings about your site. A positive hit will find a hidden redirect from a malicious htaccess file somewhere redirecting the site, but most likely, as it was in my case, it should return a 404 page, but what what seemed to be happening is that the way it was requesting it caused it to receive an unexpected 404 error which was then displaying the standard Internal Server Error page - and then calling this malware. So it was a false positive for me, and when I Googled it, it seemed to be so for others as well.

As far as I can see it has to do with either the Cpanel vhost or a security firewall (htaccess) redirecting traffic in a way that Sucuri believes it is being hijacked.

Make sure there is not code before the start <?php of the pluggable or the header.php "Cannot modify header information" error can be caused in this kind of situation from hidden code or even whitespace characters on the top.

Sucuri also has a function to detect changes of wordpress core files make sure none is set to changed. If it is replace them with the original.

example:

<?php // Injected code --> scroll right there are usually many whitespaces and there is some obsfuscated php code ?>
<?php // Regular code of the original file starts here.

发布者:admin,转转请注明出处:http://www.yc00.com/questions/1744257458a4565468.html

相关推荐

发表回复

评论列表(0条)

  • 暂无评论

联系我们

400-800-8888

在线咨询: QQ交谈

邮件:admin@example.com

工作时间:周一至周五,9:30-18:30,节假日休息

关注微信