If you’re seeing a Wordfence notice about a suspected malware URL in Rank Math, as shown in the screenshot below, we want to assure you that it is a false positive, and you need not worry about it.
Several users have reported that Wordfence has triggered this warning after installing Rank Math to the latest version 1.0.216.
The file update-1.0.42.php mentioned in the warning is an update routine file. It contains code to remove any erroneous redirections when the user updates to v1.0.42 (which was released 4 years ago). The recent update (v1.0.216) improved the code in this file according to WordPress Coding Standards, and Wordfence is incorrectly triggering a warning after this update.
We have rolled out a fix for this issue in Rank Math SEO v1.0.217, and we encourage you to update the plugin to the latest version.
To update Rank Math to the latest version, head over to the Plugins section in your WordPress dashboard. From here, click the Update Now button as shown below.
Once the plugin is updated, you should no longer see this warning from Wordfence.
And, that’s it! We hope these steps helped you resolve this issue on your site. If you’re still facing trouble, please feel free to open a support ticket here, and our support team would be more than happy to assist you.