Title: Malicious code in OSE Firewall? Last modified: August 31, 2016 --- # Malicious code in OSE Firewall? * Resolved [Roberto666](https://wordpress.org/support/users/roberto666/) * (@roberto666) * [10 years, 3 months ago](https://wordpress.org/support/topic/malicious-code-in-ose-firewall/) * Since yesterday, Wordfence plugin tell me this: * _Critical Problems:_ * * This file may contain malicious executable code: /xxxxxxxx/wp-content/plugins/ ose-firewall/classes/Library/vsscanner/aiscanner.php * So, what’s the problem with this file? How can I check that this file is not infected? All my website looks ok. * [https://wordpress.org/plugins/ose-firewall/](https://wordpress.org/plugins/ose-firewall/) Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [Helix.L](https://wordpress.org/support/users/prohelix/) * (@prohelix) * [10 years, 3 months ago](https://wordpress.org/support/topic/malicious-code-in-ose-firewall/#post-6969800) * Hi Robert * In line 556-559, we defined three variables that we would like to search if the php files contain some functions hackers usually use, here are the codes: * $noErrorFeatures = array(‘ignore_user_abort(‘, ‘error_reporting(‘, ‘set_time_limit(‘,‘ max_execution_time’, ‘log_errors’, ‘error_log’); $keywordsFeatures = array(‘ $GLOBALS’, ‘hacked’, ‘$_GET’, ‘$_POST’, ‘copy’, ‘php_uname’, ‘getcwd’, ‘file_get_contents’,‘ file_put_contents’, ‘deface’, ‘$_COOKIE’, ‘setcookie’, ‘gzuncompress’, ‘gzinflate’); $specialFeatures = array(‘@ignore_user_abort(‘, ‘@error_reporting(‘, ‘@set_time_limit(‘,‘ @ini_set(‘); * As you can see, the above files contain the functions hakcers like to use, so it may trigger false alerts from other scanners, please request a whitelisting of this file. or we can remove it for the time-being if this gives trouble on your website. * Best wishes Helix * Thread Starter [Roberto666](https://wordpress.org/support/users/roberto666/) * (@roberto666) * [10 years, 3 months ago](https://wordpress.org/support/topic/malicious-code-in-ose-firewall/#post-6969820) * Ok, thanks a lot for your feedback, that’s what I thought. I will try to whitelist this file. Thanks again. * Thread Starter [Roberto666](https://wordpress.org/support/users/roberto666/) * (@roberto666) * [10 years, 3 months ago](https://wordpress.org/support/topic/malicious-code-in-ose-firewall/#post-6969821) * Setting the topic resolved. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Malicious code in OSE Firewall?’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/ose-firewall_adadad.svg) * [Centrora WordPress Security™](https://wordpress.org/plugins/ose-firewall/) * [Frequently Asked Questions](https://wordpress.org/plugins/ose-firewall/#faq) * [Support Threads](https://wordpress.org/support/plugin/ose-firewall/) * [Active Topics](https://wordpress.org/support/plugin/ose-firewall/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/ose-firewall/unresolved/) * [Reviews](https://wordpress.org/support/plugin/ose-firewall/reviews/) * 3 replies * 2 participants * Last reply from: [Roberto666](https://wordpress.org/support/users/roberto666/) * Last activity: [10 years, 3 months ago](https://wordpress.org/support/topic/malicious-code-in-ose-firewall/#post-6969821) * Status: resolved