Viewing scan history, false positives, clearing history, and other plugins

  • Resolved PauluaP

    (@pauluap)


    3 years ago

    Hello. Thank you for your plugin! Just a couple questions:

    – How do I view the scan history and what it found?

    I started a complete scan yesterday and it had detected two items when I was watching it (false positives), and when I came back today it simply says the complete scan ran for five hours but it doesn’t show what it found and I find no way to view it.

    – what are these two false positives — “echo div position absolute negative anchors”

    These two “known threats” it found were nothing but styling codes? (I did send it to your email yesterday).

    – What happens when I click on “clear history below this line” ?

    I had two records of scans done. I clicked on the first one’s “clear history below this line” and when the page reloaded the second one was still there? Of course I can’t actually view any history so I assumed it would just delete the line showing the scan was run that other time?

    – “Another Plugin or Theme is using ‘GFForms::ensure_hook_js_output’ to handle output buffers.|

    I set WP Super cache to NOT cache, and disabled WP-Smush, reloaded the page, but I still get the above notification. Besides cache and compression, would there be other plugins I should disable? It took about five hours to scan my wordpress site — not sure if that’s normal?

    Thank you.

    • This topic was modified 3 years ago by PauluaP.
    • This topic was modified 3 years ago by PauluaP.
Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    Hi Paul,
    I sent a reply to your direct email 3 days ago and have not gotten any followup info from you so I will go ahead and respond here too.

    I don’t have the Scan history details feature finished yet so as of right now the scan log just shows the times and duration of past scans. The original design was that you would run the complete scan (which should usually only take between 10 to 30 minutes) and then fix the known threat immediately.

    I rarely get any false positives but it does sometimes happen, and it is usually because the code is identical or at least very similar to a previously identified “Known Threat”. This pattern “echo div position absolute negative anchors” is looking for hidden link that use extreme or unusual ways to hide their content with a combination of styles like negative positions and transparencies together. From the snippets of code you have sent I can see how this might have matched this pattern but I would need to see the whole file to properly analyze why this code was detected and how to fix it. Could you please send me this whole file as an attachment?

    Automatically fixing this code with my plugin would simply remove the suspicious part of the code from the file in question, so that would in fact be a bad thing if that code is a false positive. You would then need to restore the code from within the Anti-Malware Quarantine page to get that functionality working properly again.

    As for the “GFForms::ensure_hook_js_output” hook, I wonder if it is part of Gravity Forms which you might be using on your site. If you are using Gravity Forms can you temporarily disable it to see if that warning goes away and the scan runs any faster. If the scan is still slow then you can also send me a few screenshots throughout the process so that I can try to pinpoint what might be causing this behavior.

Viewing 1 replies (of 1 total)
  • The topic ‘Viewing scan history, false positives, clearing history, and other plugins’ is closed to new replies.