megamurmulis
Forum Replies Created
-
Forum: Requests and Feedback
In reply to: wordpress, index.php and hiding malware@samuel – i feel you both are side-tracking from what this feedback was really about..
– This isn’t support question about any specific server, website, malware / nor about directory listing orDirectoryIndex, etc.I gave a feedback about WP – specifically about it using non-empty
index.phpin multiple persistent places…= My suggestion was to use empty
index.php(instead of one that has a php comment inside it)..
Might seem like a minor thing, but makes life easier..Forum: Requests and Feedback
In reply to: wordpress, index.php and hiding malwareAlso – i see that you moved this entry to “How-to” section.
As noted – this wasn’t a Question / “how to” / support request,
but feedback about WP index.php usage…Forum: Requests and Feedback
In reply to: wordpress, index.php and hiding malware@jan – this isn’t about any specific site or malware.
Just pointing out what in my opinion would make it both secure and easier to maintain for admins…WP 3.7+ has checksum API that verifies core file MD5 hash (but it by default ignores anything in
/wp-content/*).
Hence – malware can useindex.phpto persist across updates.And as i pointed out – 28 bytes is enough for universal backdoor.
If it kept same size = not immediately noticeable via FTP (unless you are viewing file contents / comparing hashes).~ I understand the reasoning with using
index.php, but i really think it would make sense to use emptyindex.php, instead of how it is now…Forum: Plugins
In reply to: [Viper's Video Quicktags] QTags code breaks JS on pages without editorI see new version was released but fix was not added
Please add it in next release, so users aren’t forced to manually edit
vipers-video-quicktags.phpon each update….Forum: Plugins
In reply to: [MiwoFTP - File & Folder Manager] Zip archive missing empty foldersThanks.
Marked as resolved..