WordPress.org

Ready to get started?Download WordPress

Forums

Sucuri Security - Auditing, Malware Scanner and Hardening
[resolved] [Plugin: Sucuri Sitecheck Malware Scanner] Small issue with alternate WP_PLUGIN_DIR (5 posts)

  1. brasofilo
    Member
    Posted 1 year ago #

    Hi,
    I'm working on a WordPress site with the following constants enabled:
    WP_PLUGIN_DIR
    WP_PLUGIN_URL
    WP_CONTENT_DIR
    WP_CONTENT_URL

    The Sucuri plugin works ok, but looks like the images have /wp-content/ address hardcoded.

    <img style="position:relative;top:5px" height="22" width="22" src="http://www.example.com/wp-content/plugins/sucuri-scanner/images/ok.png">

    Wp-content folder doesn't exist. It is pointing to the root of the site.
    And the plugins folder doesn't exist either...
    The correct path should be: http://www.example.com/p/sucuri-scanner/images/ok.png
    (yes, just that... the plugins folder is p, and is located at the root level)

    I've outlined this technique in this StackExchange answer.

    Thanks for being there!

    (oh, yes, are you brazilians, btw?)

    http://wordpress.org/extend/plugins/sucuri-scanner/

  2. perezbox
    Member
    Posted 1 year ago #

    Hi Brasofilo

    Yes, a good portion of our team is made up of Brazilians.

    As for the issue, let me get it to our dev team to see what they think about it.

    Are you a client by chance? I just ask because if you are you'll want to use the premium version, we'll be updating this one in the coming months to be replaced by that.

    Stay tuned.

    Tony

  3. brasofilo
    Member
    Posted 1 year ago #

    Hey Tony,
    yeah, it would really amaze me if Sucuri was a japanese idea :)

    Those constants, although not much used, are able to break a few plugins, as I discovered after starting using them.
    As I said, it's a minor issue in Sucuri's plugin but indicates that the devs are not aware of it...

    Nope, not a client yet... But what do you refer as "this one" and "replaced by that"?

    Thanks!

  4. perezbox
    Member
    Posted 1 year ago #

    Hey

    Ah ok, yes, you're referring to the plugin we have in the repo. Internally we have a premium plugin that builds on the free one, but this one works fine too. We just haven't updated it, shame on us.

    That being said, not sure about those constants and why they would break things. But it seems the issue is in the way we hardcoded to look for the plugins directory, probably need to handle that differently. This is a very uncommon configuration, but likely one to evolve with time.

    Have already submitted to the dev team to look at though, see what we can do about it.

    Thanks

  5. brasofilo
    Member
    Posted 1 year ago #

    Well, they break because of hardcoded wp-content's and upload's folders being written instead of using WP functions or constants to retrieve them.

    Thanks for the prompt response!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic