Verify the integrity of a WP installation by scanning for unexpected or modified files.
The plugin is only meant to be used with single-site WordPress installations. Some features may still work under multi-site environments, however it would be safer to use some other plugin that is specifically marked WPMU-compatible instead.
No, Look-See merely points out any irregularities it finds. It is left to you to manually review any affected files to determine whether or not they pose a threat.
Take a look at your FTP program's settings and change the transfer type from ASCII (or automatic) to Binary. If your program doesn't support this, try FileZilla: http://filezilla-project.org/.
Not necessarily. There could still be backdoors elsewhere on the server. As always, we recommend you maintain best security practices and keep regular back-ups.
If you have command line access to your server, a command like the following will return a list of files containing various "blacklisted" functions. (Just update the path at the end.)
grep -E -r "\b(fsockopen|pfsockopen|proc_open|curl|exec|shell_exec|eval|hex2bin|base64_decode|passthru|unserialize|pcntl_alarm|pcntl_fork|pcntl_waitpid|pcntl_wait|pcntl_wifexited|pcntl_wifstopped|pcntl_wifsignaled|pcntl_wexitstatus|pcntl_wtermsig|pcntl_wstopsig|pcntl_signal|pcntl_signal_dispatch|pcntl_get_last_error|pcntl_strerror|pcntl_sigprocmask|pcntl_sigwaitinfo|pcntl_sigtimedwait|pcntl_exec|pcntl_getpriority|pcntl_setpriority)\s*\(" --include "*.php" /path/to/wp-content/
Remember, these functions do have perfectly legitimate uses, so most of the results will probably be innocent. Still, it won't hurt to take a look.
Not yet, sorry. Automated scans will probably be integrated into a future release, so stay tuned!
Requires: 3.6 or higher
Compatible up to: 4.3.1
Last Updated: 2015-9-27
Active Installs: 1,000+
1 of 3 support threads in the last two months have been resolved.
Got something to say? Need help?