Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Magento 1.9 wp-sign.php

‎07-22-2016 02:28 AM
‎07-22-2016 02:28 AM

Magento 1.9 wp-sign.php

I would like ask if somebody has same apache log like this

 

"POST /var/export/wp-sign.php?x=f&f=local.xml&ft=edit&d=%2Fsrv%2Fwww%2Fclients%2Ftest%2Fapp%2Fetc%2F HTTP/1.1" 200 3496 "http://test/var/export/wp-sign.php?x=f&f=local.xml&ft=edit&d=%2Fsrv%2Fwww%2Fclients%2Ftest%2Fapp%2Fetc%2F" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"

 

do you know what is the wp-sign.php?

where can i report something like this plus include the malware file?

 

thx for help

 

 

0 Kudos
1 REPLY 1
‎07-22-2016 07:04 AM
‎07-22-2016 07:04 AM

Re: Magento 1.9 wp-sign.php

It looks like an attempt to check if you have a previously seeded malware backdoor and use it to check out your app/etc/local.xml file. Bad news is that the attempt status was 200. So, yeah, wp-sign.php is probably a backdoor and you should get rid of it.

Tanel Raja
0 Kudos