SolidWP security scan question

  • Resolved rob900

    (@rob900)


    2 years, 2 months ago

    Hi

    I was reading this article and I think I saw some info in your page about the scanner function that it only checks if the page has been crawled by google and flagged as unsafe. By that time I think there is already for example a negative/degraded SEO score on the site. It would be better to get the notice before search engines find out that a site is infected.

    Is the only way you see to reliably have a scanner for malware to make sure the web hosting company does this on their server level outside my wordpress installation? If so it seems very important that if I have either the free or paid version of your plugin that I make sure about this otherwise it seems I am just getting myself in a false sense of improved security even if I have a firewall (either locally or externally) and also even if I have an external scanner like Managewp and so on, right? Or do you offer any package/feature/setting that has more wider coverage on this topic?

Viewing 1 replies (of 1 total)
  • Plugin Support chandelierrr

    (@shanedelierrr)

    2 years, 2 months ago

    Hi @rob900, I see you have some questions related to Solid Security’s Site Scanner, and I’m happy to clarify!

    “Does Site Scanner wait until Google crawls the site to scan it?”
    – No, the primary function of the Site Scanner is to regularly scan for known-vulnerable versions of software, or for known weak passwords, etc. An additional scan goes out to check and make sure the site has not been blacklisted, but it’s not like we wait to scan until things happen.

    Malware scanning from the application level is easy to spoof/circumvent. If I were writing malware, the first thing I’d do is to write code to return an “all clear” from any malware scanning within the application. So the best way to scan for malware is to do it from a different server where the results can’t be manipulated by the malware itself.

    Please note that Solid Security’s Site Scanner does not offer malware detection and removal. What we offer are ways to strengthen user security and firewall features that prevent brute force attacks and vulnerable installs.

    I hope this helps!

Viewing 1 replies (of 1 total)

The topic ‘SolidWP security scan question’ is closed to new replies.