Shield security scan: unrecognized file question

Shield security scan alerted me today of an unrecognized file in WordPress [sic] core:

wp-includes/random_compat/random_bytes_openssl.php
Modified: 7 months ago
Copyright (c) 2015 Paragon Initiative Enterprises
Random_* Compatibility Library
for using the new PHP 7 random_* API in PHP 5 projects

My options are to delete or ignore.

Is this a ClassicPress-specific file that Shield is identifying as not belonging in WordPress? I’m wholly unsure what to do with it (delete or ignore).
Any help appreciated.

Neither WordPress nor ClassicPress have that file. You can see contents of that directory here:

• ClassicPress/src/wp-includes/random_compat at develop · ClassicPress/ClassicPress · GitHub
• wordpress-develop/src/wp-includes/random_compat at trunk · WordPress/wordpress-develop · GitHub

I would recommend renaming it first to see if that causes any problems. If not, then delete it.

If your hosting provider offers a clamav virus scan, I would perform it to see if that picks up anything.

Many thanks, Viktor, for the swift reply. My host just started a clamav virus scan (thank you for that suggestion) whose report may take a couple of hours. I’ll see what that reveals; if that file is not included, I’ll take your suggestion of renaming etc. I’ll let you know what happens just FYI.

Many thanks again.

The clamav virus scan did not identify the file as a virus. The host representative advised:

“It is related to the website script. You can ignore it. Please do not make any changes, it is script of the website.”

Well, okay. I will, however, try to stay alert to anomalous site behavior nonetheless.

Thanks again, Viktor.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.