sminozzi
Forum Replies Created
-
Hello Tibbie,
Thank you!
Now the plugin removes the file after completing the installation or update, saving space.
Best regards,
Bill, PLugin Develper.Hi Tibbie,
Don’t worry. It’s the rules file with the signatures. Tomorrow I’ll prepare a new version that deletes it after installation and let you know.
Regards,
Bill
If I understood correctly, your client’s site has more than 1020 must use plugins, right?Well, as an emergency measure, I uploaded a new version that removes the malware scan while I properly study how to include a management interface for that in the plugin, which requires more time.
I hope this solves your problem, please let me know.Hi,
You are welcome.
I’m glad your site is working. Installing more than one security software together is not a good idea. Please leave ours disabled and use the other one you mentioned, and thoroughly inspect the suspicious files you were alerted about.
I hope it’s just a false alarm and there’s nothing serious with your server.
If you need anything else from us, feel free to contact us anytime.
Regards,
Bill, Plugin developerHi,
I haven’t heard back from you, but I would like to further analyze the message you posted: ‘Sorry, you are not allowed to access this page.’Please note that while your post title was ‘Site Access Blocked’, the actual message you received has a very specific meaning. Being ‘blocked out of the site’ is one situation, but this message indicates that WordPress recognizes you are logged in but is not allowing access to a specific area or function.
To test this, please try clicking on other items in the left-hand sidebar menu (such as ‘Dashboard’ or ‘Posts’) and see if the system allows you to navigate or if the error persists. This will help us identify if the issue affects the entire admin area or just an isolated link.
Regards,Bill, Plugin developer
Hi,
I’m sorry to hear about the issue with your server. I’m based in the London team, but I’ll make sure to assist you and get this resolved today. First step: please clear your browser’s cookies and cache and try again. Keep your browser with cookies and javascript enabled.
Try to visit: http://www.your-site.com/wp-admin/
You should also try using a different browser or device.If that doesn’t work, please visit our support site (it’s free), as I’ll need to check some system logs that shouldn’t be shared here.
https://www.billminozzi.com/support/I’ll be waiting for your update.
Regards,Bill, Plugin developer
- This reply was modified 4 months, 2 weeks ago by sminozzi.
This file contains no malware signatures. (/includes/catch-malware/class_bill_catch_malware.php)
But since it’s hard to do a deeper check (especially because some of the info seems incorrect), I can’t really dig any further than what I’ve already suggested.
To be clear, my concern isn’t with you, but with the data you received, as some of the information appears to be inaccurate.
So you don’t waste more time, I’d recommend deactivating our plugin and using the standard WordPress one—it’s very good. I’ll get back to you if I find out anything else in the future.
If you come up with any other ideas, I’m here to listen.
Thank you again!You said:
you are not an expert in this field. These kinds of security practices and errors should be left to dedicated plugins.
Sorry, I disagree.
You can see my resumee here:
https://sergiominozzi.com/As I explained yesterday, if you click the “ignore” button on the security alert screen, the button disappears.
It just takes one click.The current situation regarding cyber threats is very serious. And the truth is, we are worrying about this. When many start to worry, as you said, rest assured that a solution will emerge in due time.
You have every right to think differently. However, since we gave advance warning and you can remove the button with just one click, I don’t think the one-star review is warranted.
Note that you wrote: “…most notably a massive Site Health module with a big red warning that cannot be disabled…“
It is not true.I ran some tests.
1) I have maldet installed on our VPS server, and maldet did not flag the file class_bill_catch_malware. Maybe because is another version or the maldet on your server is too old or defective or more agressive.
2) Even though it’s not in the filter, our scanner doesn’t flag this file. Neither Wordfence scanner catch it in my site.
3) This Wordfence ticket is strange (from 8 months ago) because this file was only created about 3 months ago, so it didn’t exist 8 months ago. I believe they are giving you incorrect information.I am exploring what other measures I can take while I await your response regarding my suggestions from yesterday:
Please remove and install our plugin again to be sure it is clean. Try installing our free AntiHacker plugin and run a complete scan on your site, just in case. Then, please let me know the results.Hi,
Thank you for letting me know. I just ran tests with Wordfence and it did not flag it as malware on our site. I will study that more, but in the meantime, please remove and install our plugin again to be sure it is clean. Try installing our free AntiHacker plugin and run a complete scan on your site, just in case. Then, please let me know the results.
https://ww.wp.xz.cn/plugins/antihacker/When our system catches malware, it specifies its name, and we have a table on our website, accessible to everyone, that details the malware’s characteristics. This helps us analyze it. However, other systems only state that they suspect malware, which complicates our work.
Our system has filters to avoid flagging Wordfence files. If we remove these filters, it also flags Wordfence as suspicious, but we filter that out because we trust them and to avoid bothering our users.
Regards,
Bill, Plugin developer- This reply was modified 4 months, 3 weeks ago by sminozzi.
Grazie mille! Sono italiano anch’io, è um piacere.
Thank you for helping us make the web a safer place.Thank you for your suggestion.
- This reply was modified 4 months, 3 weeks ago by sminozzi.
Grazie mille! Sono italiano anch’io, è um piacere.
Thank you for helping us make the web a safer place.Hi,
We never received an email regarding this issue. Additionally, we provide a free support page that remains unused.
Another user, shortly after your review, shared a detailed report on how our plugin solved their issues with zero false positives (no real customers blocked).Although the original review was in Italian, they provided an English translation. I highly suggest taking a look, as it could be very useful for your case.
Here is a brief excerpt:
“The plugin requires some attention to limit false positives, but after an hour of setup and checking the logs, I have 2,000 bots blocked and practically zero false positives. For now, I’m in conservative mode; I’ll gradually increase the settings. It’s already doing a lot of work.”
I hope this information is helpful and leads you to reconsider and update your review.
Please allow us to help you properly. Visit our support page so we can work together to make your website and the web a safer place.
Free support:
https://BillMInozzi.com/support/Help us build a better internet.
Regards,Bill, Plugin developer
- This reply was modified 4 months, 3 weeks ago by sminozzi.
Hi Alex,
Our WordPress plugin page includes a section titled “Advanced Site Health” which explains this functionality and provides a link to our Terms of Service for full transparency.It seems there was a misunderstanding before leaving this review, so here is why our plugin operates this way:
Cyberattacks are 450% more effective The security landscape has reached a turning point driven by AI. According to the Microsoft Digital Defense Report 2025, AI makes sophisticated attacks 450% more effective than traditional methods. We are currently seeing state-sponsored cyberwarfare targeting not just governments, but all websites.
2 million attacks every second Roughly 30% of internet traffic consists of bots, and 2.5% is purely malicious. According to Cloudflare, that translates to nearly 2 million attacks every second.
Our plugin extends WordPress’s native Site Health feature—a practice encouraged by the WordPress Core handbook—to ensure total site integrity. A plugin is like a gear in a machine; if the machine is failing, our plugin cannot function correctly, which leads to unnecessary support requests and overhead.
Finally, if you simply click the “Ignore” button, the plugin will silence the warnings and the button will disappear instantly.
We hope this clarifies our approach and that you might consider updating your review based on these facts.
Happy new Year!
Bill, Plugin developer.