Jetpack Start – WordFence Security Scanning conflict

  • Resolved Jeremy Herve

    (@jeherve)


    Jetpack Mechanic ??

    9 years, 1 month ago

    Hi there!

    In this thread, a user reported a warning received from WordFence when using the Mojo Marketplace plugin. That plugin includes a copy of Jetpack Start, a NUX flow for new WordPress installations.

    Unfortunately, Jetpack Start appears to trigger a WordFence warning, as reported here.

    We’ve fixed that problem once already, by regenerating the file and thus remove the string that triggered your warning in the first place.

    Unfortunately, it seems that the problem is back. We could regenerate the file again, but source maps include a long pseudo-random string; that string has a decent change of matching a 6-character pattern like the ones WordFence is looking for.

    Is there a way for your security scanner to work around that problem, to avoid triggering false positives? If that’s not possible, is there a way we could update Jetpack Start to solve this issue?

    Thank you!

Viewing 1 replies (of 1 total)
  • Plugin Author WFMattR

    (@wfmattr)

    Jeremy,

    Thank you for the report — this should only happen for users who have enabled extra scanning, for PHP code in non-PHP files, but I will send this to the dev team to check out.

    Unfortunately, since Mojo Marketplace is a premium product, we don’t have the ability to validate their files against the originals, like those on www.ads-software.com.

    -Matt R
    FB1007

Viewing 1 replies (of 1 total)
  • The topic ‘Jetpack Start – WordFence Security Scanning conflict’ is closed to new replies.

Tags