WordPress.org

Ready to get started?Download WordPress

Forums

Anti-Malware (Get Off Malicious Scripts)
[resolved] Are all references to 'eval' bad? (4 posts)

  1. KathleenH
    Member
    Posted 1 year ago #

    Hey there Eli. I got hacked by the Bangladesh Cyber Army (grrr!) and thought it would be wise to check for malware on my site. I ran your plugin scan (which appeared to work smoothly and quickly, thank you!) and it came back with one known threat - the 'eval' one.

    Can you tell me whether all references to 'eval' in code are bad, and I should go ahead and click that repair button?

    Thanks!!!

    http://wordpress.org/extend/plugins/gotmls/

  2. Eli
    Member
    Plugin Author

    Posted 1 year ago #

    Not all usages of 'eval' in code are bad. Many of them show up in Yellow as "Potential Threats" which are almost always legitimate uses. But if it shows up in Red as a "Known Threat" then that means it matches a pattern that I have found to be "Malicious" and I would strongly advise repair that file.

    Please let me know if you need anything else.

    Aloha, Eli

  3. KathleenH
    Member
    Posted 1 year ago #

    OK, that's great. I've run your program and the red threats are now history! Thank you so much for this brilliant plugin. I love it!!!

  4. Eli
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks for the followup. I’m working on a white-list feature now that should be ready by the end of the month. This will eliminate a lot of the benign scripts from coming up in the “Potential Treats” section.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags