1

A security scan comes up with this warning on a cached minify file (mywebsite/wp-content/cache/minify/000000/t.src;return)

Note Info: External iframes found : notfound01.domainparkingserver.net/ found near the body tag on sample pages

I can't find that minify file in my cache. Nor can I find any other reference to domainparkingserver.net in any other file on my site. Is there anything to this warning?

Chris
  • 167
  • 3
  • 18

1 Answers1

1

The scanner you used emit a warning because iframes can be considered as a security risk.

Look at this question Why are iframes considered dangerous and a security risk?

The warning is probably due to ShopBundle which contains the following file: robotocondens ed-regular.html

<!DOCTYPE HTML>
<html>
  <head>
    <title>404 Error - Page Not Found</title>
    <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
    <script type="text/javascript" language="JavaScript">
      var url = 'http://notfound01.domainparkingserver.net/?domain_name='
                + document.domain + '&a_id=101686';
      $(document).ready(function() {
        $('#content').attr('src', url);
      });
    </script>
  </head>
  <body>
    <iframe src="http://notfound01.domainparkingserver.net/" id="content"
            frameborder="0" height="800" scrolling="auto" width="100%">
      <!-- browser does not support iframe's -->
    </iframe>
  </body>
</html>

Moreover the name of the file causing the warning:

mywebsite/wp-content/cache/minify/000000/t.src;return

seems abnormal and the result of a bug or a malicious request.

Community
  • 1
  • 1
Ortomala Lokni
  • 56,620
  • 24
  • 188
  • 240
  • I understand the possible problem with iframes. I'm trying to understand if this is a real problem or if the security scan made a mistake. I don't understand why this scan does not provide the iframe specification, but only the result - a 401 or 404 page. Is there something about a minified file that would harbor this kind of bug? – Chris Dec 28 '14 at 03:35
  • Which scanner did you use? And can you provide the minified file? – Ortomala Lokni Dec 28 '14 at 10:00
  • SiteLock - and I can't provide the file because SiteLock deleted it! I've rebuilt the cache and am looking for any suspicious minified files. – Chris Dec 28 '14 at 14:52
  • Thanks, but I don't see anything malicious in that code - it's just a 404 error? The site I'm investigating has a cart and checkout for products, could this warning be the result of misinterpreting the code used for that commerce plugin? Is ShopBundle malicious code? – Chris Dec 29 '14 at 03:12
  • If the filename is really `mywebsite/wp-content/cache/minify/000000/t.src;return`, this could be an indication of a bug or a malicious request, but more data (like log files) are needed for further investigations. If you think my answer is correct please click on the accept icon. – Ortomala Lokni Dec 29 '14 at 11:01