Hey Benz1,
thanks for the feedback, I have updated the trunk to fix this bug. So if you would reinstall the plugin, these warnings should be gone.
But the plugin should work as expected even when throwing the PHP Warning, so no need to reinstall 🙂
Have a good day and thanks again,
Stefan
Thread Starter
benz1
(@benz1)
Thanks, making progress. No warnings now but it did time out with the following message:
Fatal error: Maximum execution time of 30 seconds exceeded in /home/xxxxx/public_html/wp-includes/class-phpass.php on line 141
ALso, I happened to have an SSH session open watching TOP and noticed that while running on this VPS, the process was using 99.7%-100% CPU and pushed the server load up from around 0.3 to almost 2.0. I installed it on another site on a different server and the scan completed successfuly.
It seems to do what it says on the box although it would be nice to have an option to turn off some of the warnings as some, like “Administration over HTTPs” for example, is shown as a “high risk security holes that have to be addressed right away” but short of installing SSL, isn’t going to change anytime soon.
Hello Benz1,
sorry, I didn’t see your reply here.
This error might occur during the password checks.
Please try either:
1. Adapting the wp-config.php:
set_time_limit(60);
Important – If you are making changes in wp-config.php, then add this line above the “/* That’s all, stop editing! Happy blogging. */” comment.
2. Adapting the /.htaccess file of your WordPress installation
php_value max_execution_time 60
3. Adapting the php.ini file
max_execution_time = 60;
Preferably the changes are made in the wp-config.php file.
If that does not work then do the following:
Change line 4 and 5 in wp-content/plugins/secure/inc/mvl_config.php from:
$password_list = array(‘123’, …) to
$password_list = array();
and
$bruteforce_pw_list = array(‘aaa|hgqxk’, …) to
$bruteforce_pw_list = ();
Let me know if that works,
Stefan
