Hello,
First time posting here. I am using a new tool on my website called WoodFence. Today I noticed I am getting a bunch of critical alerts, all for a similar issue. It is finding a file in the wp-content/boost-cache/cache directory that it thinks is a Script Injector. In the details, it mentions "litespeed", and from what I can find this directly is related to LiteSpeed Cache. Just curious if anybody else has seen this type of alert, and if it is something I need to worry about. I am noticing that after some time the files are automatically going away. Not sure if it is LiteSpeed cleaning them up or something else.
Here is a sample of one of them...
Any help would be greatly appreciated.
Thank you
Matt
First time posting here. I am using a new tool on my website called WoodFence. Today I noticed I am getting a bunch of critical alerts, all for a similar issue. It is finding a file in the wp-content/boost-cache/cache directory that it thinks is a Script Injector. In the details, it mentions "litespeed", and from what I can find this directly is related to LiteSpeed Cache. Just curious if anybody else has seen this type of alert, and if it is something I need to worry about. I am noticing that after some time the files are automatically going away. Not sure if it is LiteSpeed cleaning them up or something else.
Here is a sample of one of them...
- Filename: /home/*********/public_html/wp-content/boost-cache/cache/********/meetings-events/362f337618063fd37401a74768a0fd44.html.rebuild.html
- File Type: Not a core, theme, or plugin file from wordpress.org.
- Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: \x0a<head><script data-no-optimize="1">var litespeed_docref=sessionStorage.getItem("litespeed_docref");litespeed_docref&&(Object.defineProperty(document,"referrer",{get:function(){return litespeed_docref...
The issue type is: Redirect:HTML/indentmeta.9808
Description: Script injection often seen in spam infections.
Any help would be greatly appreciated.
Thank you
Matt
