Support » Plugin: Anti-Malware Security and Brute-Force Firewall » [Plugin: Anti-Malware (Get Off Malicious Scripts)] Are all references to 'eval' bad?

  • Resolved KathleenH

    (@kathleenh)


    Hey there Eli. I got hacked by the Bangladesh Cyber Army (grrr!) and thought it would be wise to check for malware on my site. I ran your plugin scan (which appeared to work smoothly and quickly, thank you!) and it came back with one known threat – the ‘eval’ one.

    Can you tell me whether all references to ‘eval’ in code are bad, and I should go ahead and click that repair button?

    Thanks!!!

    http://wordpress.org/extend/plugins/gotmls/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Eli

    (@scheeeli)

    Not all usages of ‘eval’ in code are bad. Many of them show up in Yellow as “Potential Threats” which are almost always legitimate uses. But if it shows up in Red as a “Known Threat” then that means it matches a pattern that I have found to be “Malicious” and I would strongly advise repair that file.

    Please let me know if you need anything else.

    Aloha, Eli

    KathleenH

    (@kathleenh)

    OK, that’s great. I’ve run your program and the red threats are now history! Thank you so much for this brilliant plugin. I love it!!!

    Plugin Author Eli

    (@scheeeli)

    Thanks for the followup. I’m working on a white-list feature now that should be ready by the end of the month. This will eliminate a lot of the benign scripts from coming up in the “Potential Treats” section.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Anti-Malware (Get Off Malicious Scripts)] Are all references to 'eval' bad?’ is closed to new replies.