Scanning alert from other application | WordPress.org

Resolved Sloba
(@slobajossi)

10 years, 4 months ago

Hi,

I’ve already used some other scanner and it alerts about following file:
wp-content/plugins/ninjafirewall/install.php

with the following message:
This file is a PHP executable file and contains an eval() function and base64() decoding function on the same line. This is a common technique used by hackers to hide and execute code. If you know about this file you can choose to ignore it to exclude it from future scans.

So I wonder would you be willing to correct this or maybe it could be good enough just to remove this file after the plugin installation (if it isn’t required after NinjaFirewall finishes the installation)?

http://wordpress.org/plugins/ninjafirewall/

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author nintechnet
(@nintechnet)

10 years, 4 months ago

Hi,

Unfortunately, we cannot delete it because it is required. It simply contains NinjaFirewall built-in rules.
But it is a bit strange that it triggers an alert. Can you add it to a whitelist ? Normally, no anti-virus should detect it as a threat, you can see here the results fron VirusTotal: https://www.virustotal.com/en/file/090f03291cf39ab9c523af3c485e3905b65bcf759b5e3e3bfb9fd916626a1f9f/analysis/.

Thread Starter Sloba
(@slobajossi)

10 years, 4 months ago

I suppose I can whitelist it

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Scanning alert from other application’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: Sloba
Last activity: 10 years, 4 months ago
Status: resolved