Daniel Cid
Forum Replies Created
-
That happens when the plugin does not have write permissions to wp-content/uploads. Can you confirm it can write to it?
Noted. We will get it added.
thanks!
Ah yes, we use the curl library to execute the malware scans and store the audit logs. If you can get your hosting to enable it for you, the plugin will work.
thanks,
This option is always on and can’t be reverted.
thanks,
That error does not come from us. It might be that your PHP maximum execution time is too low and throwing an error before the scan can complete.
Mind looking at your error.log file for anything related to that? It should show what is going on.
Btw, you can also do the scan here:
thanks!
Can you give us more details? Any error message? It works on our end and on multiple sites we use for testing.
It might be good to look at the site’s error log to see if it says anything.
thanks,
Nope, you need a lot more than that. PCI has a total of 12 requirements that go way beyond SSL and what any single plugin (or product) can offer. WordFence and SSL cover some pieces, but you need to follow all 12 requirements.
I recommend reading the PCI DSS 3.2 doc to see what is required:
https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dssI also wrote a small intro document about PCI that might be useful:
https://blog.sucuri.net/2015/03/intro-to-e-commerce-and-pci-compliance-part-i.htmlthanks!
Might be. Do you mind pasting the content of that file so we can see what is going on?
thanks,
Mind pasting the content that is being created on the .htaccess?
That will help us understand what kind of compromise is going on. As far as the plugin not scanning the .htaccess files, we will check on that.
*this plugin does not have a paid version. It is all free.
thanks!
Nope, the free plugin will not block them. That’s just a warning to let you know what is going on.
In fact, the plugin will not stop any bad behaviour as it is an auditing and hardening-only plugin.
As for the messages being confusing, mind sending a suggestion on how to improve them via our github? PR’s are more than welcome:
https://github.com/Sucuri/sucuri-wordpress-plugin
thanks!
We don’t have the support in place to handle multiple languages, but we are open to contributions.
We would need to split all messages to a separate location and add the localization for whatever language we want to support.
If you can do that, send the PR via github and we will push it live ??
thanks!
Didn’t quite understand the question. You saying that the .htaccess file inside the sucuri diretory is changing? Mind showing what is being modified there? Or giving us more details?
thanks,
Can confirm the issue is xcache on PHP. Have you enabled it recently?
If that’s the only difference, it is just a comment in the code and not malicious.
I would check who made the change and why, but it is not recommended to modify any WordPress core code.
thanks,
The plugin will not block access to the admin panel.
Mind pasting the full error message so we can troubleshoot?
thanks,