audiowarrior

Thank you @yorman

Can you please post here when they’ve added the changes in the official release? The development version seems to work, I tested it.

By the way, you said “I will make the appropriate modifications to exclude all the directories contained in the open_basedir whitelist during a malware scan.”

You mean “to exclude all the directories NOT contained in the open_basedir whitelist” correct? – Kinsta asked

• This reply was modified 7 years, 2 months ago by audiowarrior.

Thank you! I’m just curious, did you create Sucuri or are you one of their top engineers? Happy New Year!

Hi Yorman,

Thank you, Kinsta said:

“Awesome!
You might ask them if it’s possible to exclude that directory from being scanned somehow, as it looks like it’s going to log an error every time because of open_basedir, but that’s more of an annoyance than anything.”

Hi @yorman

A Kinsta rep replied with this:

I think this is easy enough to solve actually, if you can pass this on to Sucuri folks:

PHP Fatal error: Uncaught RuntimeException: SplFileInfo::isFile(): open_basedir restriction in effect. File(/www/websitename/public/..) is not within the allowed path(s): (/www/websitename/public:/www/websitename/mysqleditor:/www/websitename/web:/www/websitename/deploy:/www/websitename/deployment:/www/websitename/deployments:/usr/share:/tmp) in /www/websitename/public/wp-content/plugins/sucuri-scanner/src/fileinfo.lib.php

Why is it trying to open the parent directory for scanning? I think that might be a mistake. I think the solution is simply for them to catch exceptions on the foreach ($objects as $fifo) { block – I’m not sure what the correct behaviour is, but basically what’s happening is Sucuri’s scanner is trying to scan your public/ dir, which is okay, but the first file in there (after “the directory itself”) is the parent dir, which our PHP engine is raising an exception for because there’s absolutely no reason for a PHP script to attempt to open files out there. Because they’re not catching that exception, PHP is terminating the script with a fatal error.

I tried adding exceptions for that directory (/www/websitename/public/..) in different permutations but couldn’t get the scan to run anyway, I think it’ll require changes to the code to get it to work (they probably want to be gracefully handling exceptions in that loop anyway, really).

I hope that leads them in the right direction!

Wonderful, thank you for your detailed and swift reply Yorman!

@ideric

Thank you for replying! I was worried no one was supporting this forum anymore. Isn’t there a stripe of code we can add a ‘time limit’ to? Thus, Stateless wont start working when an image is uploaded until 1 minute later? That would give WP Smush more than enough time to compress the image first.

I really want to love this plugin, but I feel like no one is supporting it. I agree, there should at least be a ‘delay’ so that WP Smush has enough time to compress the images before Stateless moves them to Gooogle.

1. I still don’t understand what lockedout means?

3. If an IP address keeps trying to log in to our website (hack), there should be a way to permenanntly block them from ever accessing the website.

Thank you

I place the link here:

View post on imgur.com

But it turns into this… Registration approved (Content):

View post on imgur.com

@antonioeatgoat

@antonioeatgoat Can you please take a screenshot of the exact code you added to your file and show me? I want to make sure I am understanding the instructions correctly.

@xxvii your method gives me the white screen of death,

I went to line 195

added:

//$sender->setTo(get_option( 'admin_email' ));
$sender->setTo('[email protected]');

Does not work.

• This reply was modified 7 years, 4 months ago by audiowarrior.

try this

https://developers.google.com/apps-script/guides/client-verification

solved!

https://developers.google.com/apps-script/guides/client-verification

https://developers.googleblog.com/2017/05/updating-developer-identity-guidelines.html