hello.php file found in location public_html/wp-content/plugins/hello.php is sometimes detected as Virus or Malware by the virus scanners on the hosting service. Though actually it is not a virus file but it is also not of any use thus is flagged as a virus to make the user remove it as more unused files means more probability of attack.
What is hello.php ?
hello.php is a file related to Hello Dolly plugin. Holly Dolly is a Hello World type plugin. Hello Dolly is a plugin which is named on a famous song sung be Louis Armstrong. If you activate this plugin it, it will show you random lyrics from Hello Dolly on the admin screen on the upper right corner. This plugin comes pre-installed with some versions of WordPress. Mostly people don’t activate this plugin thus the files related to it remains unused.
Why your Server Flags hello.php as Virus ?
As most of us are not activating the Hello Dolly plugin, the hello.php file sits idle on our hosting. Unused files and plugins makes a site vulnerable to external attacks, as they can be utilized by hackers for backdoor entry to your website. Nowadays most of the WordPress or General hosting service providers are quite aware about such attacks and in a bid to protect your website from attacks they keep scanning your files for any such unused files or plugins which can cause the vulnerability and flag it as virus or malware. It is normally flagged as SiteLock-PHP-BACKDOOR-GENERIC-kv.UNOFFICIAL type.
Do you need to remove hello.php & How to remove it ?
If you are not planning to use Hello Dolly plugin in future, you should remove any files related to it like hello.php. To remove this file follow the given steps :
- First of all take a backup of your websites’s Files and Database in case you need a recovery.
- Open the file manager in your cPanel or FTP account.
- Reach to the directory public_html/wp-content/plugins/ and look for file hello.php.
- Delete it.
- Check the website if it is working fine.
Sometimes hosting service provider becomes paranoid and flagged a number of files as virus which might not actually be virus and may be part of some plugin which we are not using or might not have updates since quite sometime now. It is good for you as it reduces the vulnerability of your website and makes it secure.