• Resolved jonj1611

    (@jonj1611)


    Not sure how accurate it is, but it says my site security is poor, but it really isn’t.

    And strangely it says it can read: “The readme.html file is still accessible.”

    Which is incredibly odd, as that was deleted when WordPress was installed some months ago.

    Site assets contain traceable data:

    Found - Divi. Add replacements for divi
    Found - Elementor. Add replacements for elementor
    Found - WooCommerce. Add replacements for woocommerce

    I don’t use any of them and never have done.

    The XML-RPC module has not been customised. XML-RPC is blocked by Wordfence.

    “Dangerours Files” – OK, trivial, but “dangerous” is spelt wrong??

    Firewall

    Found - Failed to block requests using malicious header calls.
    Found - Failed to block requests using malicious set-cookie calls.
    Found - Failed to block requests using malicious MySQL code.
    Found - Failed to block requests using malicious globals calls.
    Found - Failed to block requests using malicious request calls.

    I use Wordfence, Imunify360 and Cloudflare. Maybe, if these things are getting through (which I find hard to believe), you should state exactly what is getting through and what requests are being made, as it doesn’t make any sense.

Viewing 1 replies (of 1 total)
  • Plugin Contributor Maya

    (@tdgu)

    Hi,
    Thanks for your message. This is new functionality introduced in the last plugin version, so it can definitely be improved. Your suggestions and feedback are greatly appreciated.

    Generally, the scan relies on many tests that consist of general security checks (server, PHP, WordPress, hiding plugins/themes, etc.). Each task has its security points. Based on the number of points, an overall result is created.

    For some of the tasks (like readme.html), we check if the plugin blocks the file rather than checking on the server. That improves the overall scan speed, but it turns out it can be a false positive. We will extend that in the next plugin version and check for the file instead.

    The Replacements task actually checks for traces in your site HTML. This is achieved through regex patterns. So you definitely have something on your site: if it found Divi, you have a divi- or -divi trace somewhere. The same for Elementor and WooCommerce.

    For some of the WordPress services like XML-RPC, when called internally, the response may not be relevant, as possibly that will not be caught by a firewall. So it suggests changing the default service URL, which will be safer. We will try to find a better approach to improve that task.

    The firewall task calls the site URL through wp_remote_get, along with some basic data known to be malicious. They are always caught by the 7G Firewall which our pro plugin version uses. So I think others should do the same; we will check further why they may fail.

    Thanks
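The trace check the reply describes (a divi- or -divi style regex over the rendered HTML) is easy to reproduce locally, which also answers the original question of where a "Found - Divi" hit comes from on a site that never installed it. The following is an added example, not the plugin's own code: the HTML is constructed, and the exact "name-" / "-name" regex shape is an assumption based on the reply.

```python
import re

# Constructed sample page (not real site output) that shows why a site that never
# installed Divi, Elementor or WooCommerce can still carry a trace in its HTML.
SAMPLE_HTML = """<!doctype html>
<html><head>
<link rel="stylesheet" href="/wp-content/themes/my-theme/style.css">
<style>/* legacy rules copied from an old builder */ .et-divi-header { display:none } </style>
</head>
<body class="home individual-pricing">
<div class="elementor-container">Welcome</div>
<p>We divided the catalogue by hand.</p>
<script src="/wp-content/plugins/some-shop/js/woocommerce-compat.js"></script>
</body></html>"""

# Names the thread lists. The "name-" / "-name" shape follows the reply's description;
# the plugin's real regexes are not on the page, so this pattern is an assumption.
TRACE_NAMES = ("divi", "elementor", "woocommerce")

def trace_pattern(name):
    n = re.escape(name)
    # Word boundaries keep "individual" or "divided" from counting as a Divi trace.
    return re.compile(r"\b%s-|-%s\b" % (n, n), re.IGNORECASE)

def find_traces(html, names=TRACE_NAMES):
    """Return {name: [(line_no, stripped_line), ...]} for every line carrying a trace."""
    hits = {}
    for name in names:
        pat = trace_pattern(name)
        for no, line in enumerate(html.splitlines(), start=1):
            if pat.search(line):
                hits.setdefault(name, []).append((no, line.strip()))
    return hits

def trace_lines(html, names=TRACE_NAMES):
    """Same as find_traces but only the line numbers, handy for a quick summary."""
    return {k: [no for no, _ in v] for k, v in find_traces(html, names).items()}

if __name__ == "__main__":
    # Print the offending lines so the trace can be located and cleaned up.
    for name, lines in find_traces(SAMPLE_HTML).items():
        for no, line in lines:
            print("%-12s line %d: %s" % (name, no, line))
```

Run it against a saved copy of your own front page (curl the URL to a file and pass its contents) to see the exact line that trips each check.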

  • The topic ‘Security Scan’ is closed to new replies.