Skip to main content
Sign in

CloudLinux Knowledge Base

  1. CloudLinux
  2. Imunify Security Products
  3. Troubleshooting

233432. Plugin not cleaned

Mohamed Bakr
  • Updated

Issue

We have a client that is asking why a malicious plugin that was installed on Sept 26, named custom-footer-generator was only cleaned today Oct. 2

See screenshot of plugin directory - https://share.cleanshot.com/Xg1MYT5FDZ6vjzpjNQ7b

See the cleanup - https://share.cleanshot.com/yVK1qDLG7fKnxL2CFsCG

They are asking two questions;

1. Why wasn't it cleaned when it was installed on Sept. 26?  We have also confirmed via raw access logs that it was installed on that date via wp-admin, so that date is legitimate.  It was installed via wp-admin by a user with the IP of 73.56.218.91

2. What does the "rescan" mean, see screenshot - https://share.cleanshot.com/yVK1qDLG7fKnxL2CFsCG

 

Environment

  • Imunify360

Solution

 

Cause

 

Useful links

https://cloudlinux.zendesk.com/agent/tickets/233432

Comments

0 comments

Please sign in to leave a comment.

Related articles