wp-config.php flagged by Wordfence
I suspect there has been a hack on my WordPress website. Wordfence flagged my wp-config.php file as having extraneous code. I've had that happen before on a different website and recognized the code, nbd.
This time the code is at the very top of the file, after the <?php and it doesn't look dangerous, just weird. It's rem'd out in the file, so I dunno what good it would do. I don't have a lot of experience with such things, but I'm more accustomed to seeing long strings of base64 used by hackers, not this.
Any idea whether is a hack or something added by InMotion or ... Again, it is right at the top of the wp-config.php file, after the open PHP tag.
/*e27f6*/ /*e27f6*/
I did some searching for this, but I wasn't able to find any other example of this specific text appearing in wp-config.php.
You're right that they're just comments, so they're harmless.
Some plugins do have a legitimate need to add code to your wp-config.php, especially defining constants like WP_CACHE, and some plugins will surround their additions with comments. I'm guessing that these comments were added above and below something with a unique random string so that when the plugin is deactivated, it can use that unique string to locate the code it added, and remove it later. In your case however, it looks like there's nothing in between them, so they're really not doing anything at all.