Helix.L

Hi
We checked our files and it seems that line 90 looks fine, could you please send a support request to [email protected] so that we can arrange a developer to help you check it and fix the issue asap?

Hi intelviji

Thank you for using Centrora Security.

The file ‘Safebrowsing.data’ is updated automatically so that is normal. please contact our support desk if you need us to help you scan the malware at [email protected],

Thank you!

Hi
Our virus patterns are quite accurate, so if it reports malware, I would suggest you review the files. Please update to 6.3.2, you can see all files reported there now even if you are a non-subscriber. Please take a look and feel free to contact our support team if you need help in cleaning them.
BTW, please feel free to re-do the review after you test 6.3.2 and give us more comments so we can improve it.
Thanks in advance.

Hi Erin
Sorry for the late reply, I received your messages through Mika, got the two issues resolved. Please also drop me an email at helix[at]centrora.com as well so we can keep in touch.
Best wishes
Helix

Hi Robert

In line 556-559, we defined three variables that we would like to search if the php files contain some functions hackers usually use, here are the codes:

$noErrorFeatures = array(‘ignore_user_abort(‘, ‘error_reporting(‘, ‘set_time_limit(‘, ‘max_execution_time’, ‘log_errors’, ‘error_log’);
$keywordsFeatures = array(‘$GLOBALS’, ‘hacked’, ‘$_GET’, ‘$_POST’, ‘copy’, ‘php_uname’, ‘getcwd’, ‘file_get_contents’,
‘file_put_contents’, ‘deface’, ‘$_COOKIE’, ‘setcookie’, ‘gzuncompress’, ‘gzinflate’);
$specialFeatures = array(‘@ignore_user_abort(‘, ‘@error_reporting(‘, ‘@set_time_limit(‘, ‘@ini_set(‘);

As you can see, the above files contain the functions hakcers like to use, so it may trigger false alerts from other scanners, please request a whitelisting of this file. or we can remove it for the time-being if this gives trouble on your website.

Best wishes
Helix

Hi there

Would you like to test all features and give further comments and feedbacks on improving the software? If so, please drop me an email at helix[at]centrora.com, I will grant a license to you so you can fully test it and give full details here.

Best wishes
Helix

Issue resolved by disabling display errors in php.ini, and also in the plugin it forces this to be disabled.

Hi Roberto666

Thank you for your feedback, for the php.ini, if you need our help, please send a ticket to our support desk here so we can take a look and see if we can help:

https://www.centrora.com/support/scp

For the error messages in PDO, if the display error is on and the php configuration has set the error to be shown as stack, all the error messages will show up, so in our last release, we force the display_errors to be off when running Centrora. If after changing this it still shows ON in the audit page, it needs to change in the php,ini, which is the most common way to change the PHP setting.

Please feel free to send us a ticket so we can help you resolve it and ensure the errors will not show up your visitors in the future, which is, indeed, a serious risk.

Hi Roberto666

BTW, the codes to force display_errors to OFF for all websites even if your website has configured it to ON, is added in vesion 4.3.4. Please update Centrora Security plugin.

One last thing is, the checking of display_errors is in the Secuirty Audit seciton of the plugin, e..g

/wp-admin/admin.php?page=ose_fw_audit

At the bottom of the page, there is a section called ‘System Security Audit’ that checks if the display_errors is turned on, and if so, we will show a warning messages, Please enure all options are green in that section to enhance security.

Hi Roberto666

We also added codes to force the display_errors to OFF in our codes for all websites using Centrora Security to ensure that, even if your PHP has set the display_errors to ON, we will override it and force it to OFF so the error will not show up to your visitors.

To resolve the database connection issues, please try to increase the maximum database connection to your mysql configuraiton file, e.g.

please increase the max_connections in your mysql.conf file. This will help sorting out the connections issues.

Hope this helps. ??

Hi Roberto666

This is not really caused by Centrora, the error shows up becasue the PHP configuration ‘display_errors’ is set to ON in the php configuraiton, and also, the PDO class show all errors (which is by default the PHP PDO setting). To resolve it, first please change the php configuration display_errors = OFF, this way, if there is error when running the application, the error will NOT show up.

to do this, please either change it in your php.ini:

display_errors = off

or add the following to your .htaccess if your PHP is running as a PHP module

php_flag display_errors off

We will add a hardcode to disable the display_errors as well for all website in the next release.

Also, we will investigate why you will have the ‘Too many connections’ errors as well.

Hi Andrzej

Yes, here are the explanations of the icons:

Green: the country is whitelisted
Yellow: the country is being monitored
Red: the country is blocked

Hope this clarifies. ??

Hi Andrezej

This is caused by the update of 4.3.1 which includes the MainWP extension into our pluign, we updated thecodes in 4.3.2, please update to 4.3.2 that will resolve the issue. Hope this helps. ??

Hi b-cat

We will investigate this issue later, may we know if you are using WordPress caching? if so, we will try to instlal it and see if we can reproduce it.

Hi Matt

Thank you for being interested in our plugin, the issue is that the PHP version in your server is lower than 5.3.0, please contact your hosting company to update the PHP to 5.3.0 or above, that will resolve the issue.

Hope this helps. ??