Suspcted malware URL

  • rikkefunch

    (@rikkefunch)


    7 years, 9 months ago

    I scanned my site a couple of days ago and got the following in the activity log:
    Ex:
    “Post contains a suspected malware URL: while ago when he was hitting 36 home runs for the Royals in 1985

    “Page contains a suspected malware URL”. It was on all the pages.

    I have removed the text/URLs that shouldn’t be there (posts and pages) and have tried to run a new scan. It seems to be “stuck” and comes up with this:
    Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 14241309 bytes) in /var/www/www.amagerbilland.dk/www/wp-includes/wp-db.php on line 1263

    What does that mean exactly? Does it mean that it can’t run a complete scan now? and is something infected in the wp-db.php file?

    I have also looked at the Live Traffic feature and it seems like there is a lot of “bots” and “warnings” crawling the site.
    Is that normal? I wouldn’t think so.

    Is there anyone who can help me with this?

    https://wordpress.org/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)
  • mountainguy2

    (@mountainguy2)

    7 years, 9 months ago

    When scanning, keep “Live Traffic” turned OFF, it’s a resource hog. Lots of bot hits is normal, enjoy watching how they help your host make a profit due to you paying for the added bandwidth the bots need to do their work.

    Try a scan that’s tweaked to use less resources, try something like enabling below but unchecking all other checkboxes:

    Scan public facing site for vulnerabilities? Yes
    Scan core files against repository versions for changes Yes
    Scan for signatures of known malicious files Yes
    Scan file contents for backdoors, trojans and suspicious code Yes
    Scan posts for known dangerous URLs and suspicious content Yes

    Set “How much memory should Wordfence request when scanning” to perhaps 256

    Wordfence in my opinion is overall good and quickly improving, but the scanning is of limited value because rather than looking deeply for vulnerabilities and helping secure the website, it’s oriented to discovering exploits that are already accomplished. Reactive rather than proactive. I schedule it to run once a week at midnight on the weekend, when I have low server load. My guess is they’ll keep improving it, so I’m sticking with it.

    Thread Starter rikkefunch

    (@rikkefunch)

    7 years, 8 months ago

    Thank you so much for your reply.
    I’ve tried to do what you told me to do. I don’t have the possibility to “enabling below” but I unchecked several boxes and kept those checked as you suggested. But I keep getting the same error.
    Using Anti-Malware it tells me, that it is an old swf file. Is it possible to make Wordfence skip checking these files?
    I think that this may solve my problem.
    What do you think?

    wfalaa

    (@wfalaa)

    7 years, 8 months ago

    Hi rikkefunch,
    Please go to (Wordfence > Diagnostics) and share the value of these two options with me:
    WP_MEMORY_LIMIT
    WP_MAX_MEMORY_LIMIT

    Also, you may consider running “Test your WordPress host’s available memory” down on the same page.

    Keep me updated,
    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Suspcted malware URL’ is closed to new replies.