quttera
Forum Replies Created
-
Forum: Reviews
In reply to: [Quttera ThreatSign – Web Malware Scanner for WordPress] Waste of timeThank you for provided review.
We apologize that it is so negative but please note this plugin is intended to scan websites internally and externally with high sensitivity and help to identify hidden infection missed by other plugin.
The high sensitivity scan may lead to false positives and cure of such detection may corrupt a website.
This is the reason this plugin does not provide cure functionality.
Again, thank you for the review.
Best Regards
Quttera Support Team.@dnmmalta Can you please check what blocks AJAX scan request sent from the WordPress dashboard to the plugin backend code?
BR
Quttera TeamThank you for the provided information.
When you click scan button AJAX sends a scan request to the plugins PHP code running on the backend.Please check using browser “Developer tools” that this request sent properly.
On the backend side you should see plugin’s log file wp-content/plugins/quttera-web-malware-scanner/runtime.log
If this file exists and not empty, please post here the last 10 lines that you see.
If this file missing or empty it means something blocking AJAX requests sent to the plugin from WP dashboard.
BR
Quttera TeamHi Matthew,
Can you please share logs printed when you start scan?
Thank you.
Forum: Fixing WordPress
In reply to: quttera plugin + website malware@dnmmalta regarding plugin scan issue, the scanner scheduler utilize wordpress cronjob mechanism to run malware investigation in background and do not impact website performance. Please verify cronjob mechanism is enabled and running properly on your sites.
Try to investigate website access logs and correlate attack IPs. If all sites being infected on the same date, you should see the same IP on all sites (all access logs).
Best Regards,
Quttera Team.Some followup for the issue:
We shortly will whitelist the detection to prevent this FP.
Regarding the font size, 1px font could be used to inject spam text which will be visible only for Google robots
Quttera Team.
@dariobros can you please clarify if this FP detection occurred using high sensitivity scan?
Thank you.
Sorry for the probably late response, this file has been investigated and found clean.
The detection will be whitelisted in next plugin release.
Thank you.
We found the mentioned file and reproduced this issue.
This is false positive detection and will be whitelisted next version.Optionally you can whitelist it locally by clicking “whitelist” button on the detected file.
Thank you for pointing out this issue.
Can you please send us the detected file to support[at]quttera.com for further investigation.
Our malware researcher team will investigate it and update regarding detection.Please rename the file to *.txt
Thank you.Thank you for the details.
The new tab opened using “window.open()” JavaScript function.
In most cases, this method invoked with a URL to be opened in a separate tab.
In our case, we invoke the function with no parameters and further update the new window with the body od the downloaded report.
We will check if there are any parameters that could be added to “windows.open()” call.
Forum: Plugins
In reply to: [Quttera ThreatSign – Web Malware Scanner for WordPress] Error in scanCan you please share how much files being scanned?
Is it possible to have direct admin/ftp access to this setup? If yes, please send us details to support[at]quttera.com with title “WordPress plugin debug details”
A new plugin version (3.3.2.1) had been released.
Please let us know if you still see the mentioned error log.Forum: Plugins
In reply to: [Quttera ThreatSign – Web Malware Scanner for WordPress] Error in scanJust wanted to update you that we released a new update and added some logs wrapping filesystem snapshot functionality.
Can you please try the latest version 3.3.2.1 and share the results?
Both buttons “Download report” and “Detected Threats” successfully tested on Firefox 78.0.2 (64-bit).
The report opens in a separate tab which is handled by browsers as a popup.
Please check Firefox is allowed to open popups from the website.