Eli
Forum Replies Created
-
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Scan not possible to makeHi Johan,
Thanks for giving me more time to look at this issue on your site. I was able to narrow it down to the Extended Protection feature of the WAF in your Wordfence settings. Even if you deactivate the Wordfence plugin the WAF is still active if the Extended Protection feature is enabled. I found that you can disable the Extended Protection feature by clicking on “manage WAF” in the firewall setting for Wordfence and that was the only thing that would then allow my plugin to run the Complete Scan on the public_html directory. It’s strange that I could run the scan on other directories but just not on the whole site. Also, I tried to recreate this issue on a few other test sites and was not able to get it to interfere with my scan the way it does on your site. It must have been something to do with the way Wordfence built the firewall rules on your site when it was in the learning phase. Maybe you can get them to help your site relearn it’s firewall rules.Thanks for sending this additional info. It looks like your site is clean, unfortunately, I think you might have a hard time convincing Google of this. As you can see they have marked all kinds of files on your site, including images and standard core scripts that are not actually infected. I believe they have blacklisted your domain for some reason. You are going to have to actively pursue them and demand that they give you an actual example of the offending code. If they are unable to explain what the problem is then they should at least be willing to review your site’s blacklist status and approve your ads.
Please let me know how it goes, and when they get back to you please let me know if there is anything else I should look at.
Have you downloaded the latest definition updates?
Was there anything on the scan page in red?
Can you send me a URL or a s screenshot so that I can help you further investigate this site?
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Getting error – open_basedirOn the Scan Settings page in your wp-admin There is a box titled Scan Logs with a list of recent scans. Just hover over that list and a link will appear that gives you the option to clear below that point in the log.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Getting error – open_basedirNo, it’s in the free version too.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Getting error – open_basedirThat is already a feature of the plugin. You can delete the scan log and the quarantine records. But there is still no reason to disable the is_dir function, it’s not like there is any risk in checking for the existence of a directory.
Anywany, please try deleting all the scan logs and all the quarantine records and then let me know if that warning still comes up. Also, please make sure that you are using the latest version of my plugin.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Getting error – open_basedirIt’s probably checking for the existence of a directory that may have been scanned and cleaned before. There is no harm in checking to see if a directory exists. If you want my plugin to be able to scan your site then you need to talk to your hosting provider about allowing the is_dir() function.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Still infectedTry clearing your cache and rescan to make sure it’s really clean 😉
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] False Positive WoocommerceThanks, This was due to a new definition that I added last night. It is fix now, thanks to your report along with the code example that you posted 😉
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Critical Error From Plug-InThat code is an optional part of the firewall, The brute-force protection that is added to your wp-config.php file when you enable it in the Firewall settings. Why did they remove that code?
As you can see, in the code, the require statement is conditional that the file exists. The only thing that I see out of place in the code you pasted is that it both starts and ends with <?php and of course it should start with that PHP marker but not end with it. perhaps you should remove the <?php at the end of that line, right after “bootstrap.”.
Forum: Reviews
In reply to: [Anti-Malware Security and Brute-Force Firewall] Definitely 5 StarsYou site could be getting infected by cross contamination from another site on the same server. A firewall cannot stop an infection from spreading if it is already on your server.
@ghomergher,
You are posting under a topic that is resolved. Others with this same issue have resolved this issue by using my Anti-Maware Plugin to remove the infection from their code and it would appear that you have not yet even tried my plugin.To answer your direct question I can only say that there are many possible causes of malicious code getting injected into your site. Yes, it could have come in through one of your plugins, but that is not the most likely avenues for an infection unless you have installed some shady plugins from an unreliable source. The most common cause of these types of infections is the lack of security on most mainstream shared hosting servers which allows for cross contamination from other infected site on the same server.
If you would like to try my plugin I think that you will find that it will clean your infection and harden your site against future external attack. You may still need to seek out a more secure hosting environment to keep your site safe from cross site contamination though.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Scan not possible to makeGetting a 404 on the scan page in your wp-admin is most likely caused by some other security plugin or malicious software that is intercepting and blocking scan requests.
If this general info does not spark any insight that leads to the solution then please send me a list of plugins that you have installed on your WordPress site, and a screenshot of the 404 error page with the full URL showing, and also the contents of your .htaccess file might be helpful.
If you don’t want to post any of that info on this public forum you can send it to my direct email:
eli AT gotmls DOT netForum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Help: rogueads.unwanted_ads1. Have you (or have you NOT) tried clearing all your cache, including the cache on Cloudflare?
2. When you say “doing a scan again”, what “still seems to be showing ads”? Can you post a screnshot or a link to the page where I can see that those ads are still showing?
3. What is “not on a WiFi”, your PC? This brings me back to cache, DNS cache, and Cloudflare…
Please answer these question before asking for more help, I cannot help you blind, I need to know what has been check and where you are getting your current info from if I am to guide you any further.
Forum: Plugins
In reply to: [Anti-Malware Security and Brute-Force Firewall] Help: rogueads.unwanted_adsWell, I don’t see it so maybe it’s just cached. Have you tried clearing all your cache, including the cache on Cloudflare?