Support » Plugin: Exploit Scanner » [Plugin: Exploit Scanner] 0 files scanned, no progress

  • wordpress and all plugins are up to date.
    I just installed exploit scanner 1.3.1

    I click the ‘run the scan’ button and It says Files scanned: 0
    with an animated circle activity but it never goes past that.

    I left it running for 2 hours and it was still at 0.

    windows 7 64 bit
    IE 9.0.8112 / 9.09
    Chrome 21.0.1180.89 m
    Firefox 15.0.1
    Opera 12.02 1578
    Safari 5.1.7 (7534.57.2)

    All browsers same result.
    I tried it on 2 other windows 7 systems too.

    I do know for sure the site has malware, most likely originating in the theme.

Viewing 8 replies - 1 through 8 (of 8 total)
  • It is the same with me. No progress.

    same at me

    WIN 7 64bit
    Firefox 17.0
    WP 3.5 network installation

    Same to me. 4 hours and the message stuk in “Files scanned: 0….”
    No matter PC, no matter browser … no matter weather … always the same … What am I doing wrong?

    I’m not sure but I think this behavior is due to the existence of too many files present in your wp installation directory.

    You may try the plugin in a fresh WP installation, or by removing themes and plugins you do not use.

    Alternatively, you may try fiddling with the Explorer Scanner settings. They are explained in the docs but I haven’t really taken the time to read them comprehensively (I think one of the reasons could also be due to limited PHP memory, so you may have to increase it).

    hi i have the same problem

    I have the same problem. In my wp-admmin/error_log, I see the following (repeated many times):

    [13-May-2013 17:13:51] PHP Warning:  file(/home/nolisome/public_html/wp-content/tmp/posts/ca659f2...95a) [<a href='function.file'>function.file</a>]: failed to open stream: No such file or directory in /home/nolisome/public_html/wp-content/plugins/exploit-scanner/exploit-scanner.php on line 796
    [13-May-2013 17:13:51] PHP Warning:  Invalid argument supplied for foreach() in /home/nolisome/public_html/wp-content/plugins/exploit-scanner/exploit-scanner.php on line 797

    Same symptom here, under WP 3.5.1. Initially, I was seeing no feedback whatsoever. php.err reported:

    [19-May-2013 18:01:34 UTC] WordPress database error Got a packet bigger than 'max_allowed_packet' bytes for query INSERT INTOwp_options(option_name,option_value,autoload) VALUES ('_transient_exploitscanner_files', [...]

    (The […] is a placeholder for the rest of the line which is too long to even load into my editor.)

    Part of this was due to leftover files from the Global Translator plugin (/gt-cache dir, et seq) which I uninstalled eons ago, and never got ’round to cleaning up. However, after sorting through the mess and running Exploit Scanner again, I actually get an error message on the screen (the same symptom up to that point, however, with 0 files scanned and the spinner):

    {"status":"error","message":"$this->files was not an array","data":{"start":250,"files":"b:0;"}}

    Settings are:

  • search suspicious styles
  • upper file size limit: 400KB
  • files per batch: 250
  • Changing the above settings to 100KB / 100 max files without leaving the page and clicking the start scan button yields nothing.

    Exiting the page, returning, setting the above lowered values, and starting the scan gets it going again. No entries in php.err, and ultimately, a message:

    An error occurred. Please try again later.

    PHP is configured for 256M, and as I monitor the progress, I am not even approaching that limit (across all vhosts running on this server). I’m also not getting an out of memory error showing anywhere.

    I have no other deep directories which are obvious.

    Just some random observations, in the hope that they help track down the underlying cause of the failure (this plugin used to work on this site, too). I wish it had a better facility for tracing (i.e., it’s own debug log).


I ran a successful scan today. In the interim, there were some changes to the Apache configuration on the server, namely, to the mpm settings, where I increased the thread stack size. Normally, had the stack blown, I would have seen Apache crash (or at least stop serving requests), so I’m not sure that that was it.

In addition, I bumped my PHP 5.3 from 5.3.19 to 5.3.25, which was perhaps the most significant change. I also resolved a long-standing TZ string issue (PHP versions before 5.4 will ignore the date.timezone setting in php.ini if TZ is present in the environment, whether PHP can properly interpret the TZ string or not; in my case, my TZ wasn’t fully POSIX-compliant, and while Apache was perfectly fine with it, PHP ignored it, throwing all of my timestamps off.

So, without rolling PHP back to 5.3.19, I think it was probably the upgrade which fixed this, and which would be a reason that not everyone has experienced this failure.


Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘[Plugin: Exploit Scanner] 0 files scanned, no progress’ is closed to new replies.