• Resolved Anita C

    (@mymothersdaughter)


    Client is on Hostgator and is using WP version 4.0.1. In the dashboard I am getting this message. I saw another thread that provided a direct download link to the Surcuri plugin. I did a re-install of WordPress to make sure it was 4.0.1. Installed the plugin and it’s still saying that WordPress is 1.3.3.

    Any updates on this?

    https://www.ads-software.com/plugins/sucuri-scanner/

Viewing 9 replies - 1 through 9 (of 9 total)
  • I have this same problem but it says WordPress Version 1.1 for me.

    Does anyone know if this affecting the file scan?

    I haven’t had this problem myself, but heard similar reports with other plugins reporting the wrong WordPress version a while ago. Are you running any other security plugins?

    I can’t remember which one, but I know at least one security plugin has the option to show a random WP version (and unfortunately, they changed the version number internally, which could cause this warning.)

    Hello, as @mwrusnak says there are other security plugins out there in the WordPress marketplace that provide security through obscurity in this case hiding or randomizing the real WordPress version number, which affects the functionality of our plugin because the core integrity checks tool relies on this number to retrieve the correct list of hashes that will be used to compare verify the files on the project.

    Thread Starter Anita C

    (@mymothersdaughter)

    For my client, he doesn’t have any security plugins. That was the whole reason why I added this plugin was to give him something. And I couldn’t get it to work, so I removed it. He asked if purchasing the pro would fix it but I am not inclined to have him purchase something when we can’t get the free to work first.

    @mymothersdaughter I feel bad to hear that, I try my best to offer the best functionality in the plugin, sometimes is difficult to control all the different environments offered by all the different hosting companies. Hopefully you will get better results with one of the top-rated (free) security plugins listed here [1]. Enjoy your weekend.

    [1] https://www.ads-software.com/plugins/search.php?q=security

    Thread Starter Anita C

    (@mymothersdaughter)

    Well it’s not that I need “free.” I just need something that works. And unfortunately I have had issues with the plugin working on Godaddy with it crashing sites and giving some kinda code that no one can fix. Now I have this type of issue on Hostgator. So I guess it’s hosting dependent. I don’t know, but I’d been using it on all my client projects and now I can get it to work. Sorry.

    @mymothersdaughter I understand, I would feel the same if it was me. Go to the Sucuri home page and scroll to the bottom, you will find an email address, send a message there referencing this ticket and I will talk with the support team to redirect that email to me, then I will help you to troubleshoot these issues that you are having with the plugin.

    Note. We do not offer this kind of help to non-clients, but I personally want to assist you with that because it seems that the plugin is generating too many issues on your sites and is difficult to solve them all through this forum.

    @mymothersdaughter: If you look at your list of installed plugins, do you see any plugins that are version “1.3.3” below the description? The problem might be that another plugin set a version number in your database, without specifying what it is for. I do see at least one non-free plugin that is currently version 1.3.3, called “Responsive Flip Book WordPress Plugin”, but I haven’t used it myself, so I can’t see if this is the problem. Unfortunately, turning a plugin off might not remove that record — but finding the version number would confirm that another plugin might have been the cause.

    (I’m not affiliated with Sucuri, but I found this problem interesting.)

    @yorman: In sucuri.php, in the function site_version(), it checks get_option(‘version’) first, then checks for wp-includes/version.php — my recent WP installs don’t have a ‘version’ record in the wp_options table, so maybe that was an older standard? (Unless it’s used in multisite, which I do not use.) If it checked version.php first, or if it used get_bloginfo(‘version’), that might solve the problem if this is caused by another plugin.

    Edit: Sorry for interrupting — I didn’t see your newest post before I posted. But I hope this helps narrow down the issue!

    Yes @mwrusnak, you are right. I try not to think much about these issues because the lacking of standards in the development of WordPress plugins makes things difficult to debug because every developer make things different.

    As you already explained, some security plugins used to obscure the WordPress version number to prevent vulnerability scanners to find vulnerable software, this has changed during the last years with the optimization of the algorithms used in these scanners, so obscuring the version number does not prevent the attackers, and instead brings up issues with other extensions. This may not be the case though, but it is worth to mention.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Your current version (1.3.3) is not current’ is closed to new replies.