Plugin’s data sharing

  • fijisunshine

    (@fijisunshine)


    6 years ago

    Great plugin! A couple questions about how the plugin shares data from my site.

    1. What information is sent from my site to an external server (for both the free and premium versions)?

    2. When my site is scanned by the plugin for malware & vulnerabilities, is the scan comparing any of my files with files on an external server? I understand this is done for core WordPress files because they’re compared to www.ads-software.com code base. Are any non-core files on my site compared with any files on an external server?

    3. Are any files from my site ever copied to an external server?

    Thank you

Viewing 2 replies - 1 through 2 (of 2 total)
  • wfdave

    (@wfdave)

    Hi @fijisunshine,

    1. What information is sent to an external server?

    – your website’s site URL and home URL
    – the IP addresses of attackers found on your site (if participating in the security network)
    – the computed hashes of files within your document root folder
    – your Wordfence settings when you use Import/Export options (which will include the email you provided)

    2. Are any non-core WordPress files compared?

    Only when you have Scan files outside your WordPress installation checked off. These files are not sent to an external server. Instead, the hashes of these files are computed and compared with a database of malicious scripts with the same hash.

    Potentially malicious strings are also searched for within these files, for example eval(base64_decode(..., https://some-phishing-website.com, etc.

    But again, the files are not uploaded to a remote server.

    3. Are files copied / sent to an external server?

    No, they are not.

    Dave

    Thread Starter fijisunshine

    (@fijisunshine)

    Hi Dave,

    Thank you for your great answers. A couple of follow-ups for you:

    1. On a multisite if I network activate Wordfence, is the “website’s site URL and home URL” sent to an external server for all sites on the multisite? or just the primary site?

    2. When you say “the hashes of these files are computed and compared with a database of malicious scripts with the same hash”, are the hashes sent to an external server? or is the comparison done locally?

    3. When you say “Potentially malicious strings are also searched for within these files”, does the search involve using an external server or is it all local?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Plugin’s data sharing’ is closed to new replies.