Just Testing

  • Resolved steveraven

    (@steveraven)


    6 years, 10 months ago

    Hi guys,

    Installed Shield Security onto one of my older sites yesterday, as there were problems found with 2 step verification from another plugin.

    The two step Verification on this plugin works excellently, and I love the way that all spam comments are now transferred to the bin.

    There’s a problem with the ‘security’ aspect though.

    Got an email this morning saying that there were unrecognised files found by the unrecognised files scanner, so I went to the website back-end>>shield security>> hack guard>> URScanner with all intentions of solving this problem. However nothing in there indicated anything was wrong.

    So I went over to my trusty Wordfence plugin, located the file, and deleted it from there.

    With Shield having a growing reputation in security, far beyond a 2 step verification and comment spam usage, should there not be a more effective way to locate, examine and remove unrecognised files found by the scanner in the plugin itself, rather than need Wordfence to do this?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author One Dollar Plugin

    (@onedollarplugin)

    Hi,

    Yep, ideally it would pick it up in the manual scan… did you definitely run the same scanner as that which was sent by email?

    What was the filename that was fixed/replaced/deleted? Do you have any exclusion rules in-place that would have played a role?

    Thanks

    Thread Starter steveraven

    (@steveraven)

    The problem with the email notification is that it was sent to my phone, which doesn’t have a login to my websites on it.

    Obviously when I logged into the website with a pc, all looked well and good – except for a huge nag by Wordfence that a file needed looking at.

    The file was some Javascript that was also found by Wordfence, and was deleted from the website as soon as I found it – dunno what the file was called.

    Manual scan – what’s that then?

    Oh, and where in the plugin are the results of any scans, manual or otherwise?

    • This reply was modified 6 years, 10 months ago by steveraven.
    • This reply was modified 6 years, 10 months ago by steveraven.
    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    The ‘run scanner’ link in the email will bring you directly to the manual scanner so you can see results.

    If you want to run it manually, go to the Hack Guard module and click the Wizard tab button and you’ll see them all there.

    Thread Starter steveraven

    (@steveraven)

    Gotcha, just noticed those wizards.

    Yeah, things in there look pretty neat, don’t they?

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    Next time you get an email notice, use the corresponding wizard and it’ll walk you through it. I can’t comment on what Wordfence does or what files it’ll clean. If you use both and get inconsistent results, you’re best to remove 1 or the other. Cheers.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Just Testing’ is closed to new replies.