Support » Plugin: WebDefender Security – Protection & GDPR » Scan results perhaps too detailed/thorough?

  • Resolved timmiieehh

    (@timmiieehh)


    Hi,

    Based on the results of Webdefender there are 474 potentially vulnerable files. The amount consists of very well known plugins and WP core files. So what does that mean in practice? That all of these files have bad written php code inside? Or do I need to whitelest them one by one? How does this work and why do you state these files are vulnerable?

    Thanks for your reply.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi Timmiieehh
    Can you please tell us what level of scanning you used?
    If you used basic or recommended scanning then the probability of a virus is close to 95%. We use Heuristic and known signature scanning.
    The “Professional” scanning was developed to find zero day threats and is for the professional user.

    Kind Regards
    Cobweb-Security

    Where is the option to choose the scanning level? And who decides who is a professional user or not?

    Furthermore, it also detects malicious scripts such as:

    Phishing page detected <title>Facebook</title>

    And it also detects server malware in files from ‘Better WP security’.

    That doesn’t very malicious to me, but heh, I guess I’m not a professional user.

    Hi Timmiieehh,
    The heuristic algorithm can generate false positives like the ones you mentioned.
    But, you need it to find new viruses, and to do so we sometimes go thru hundreds of files.If you understand the benefits of heuristic algorithm then you understand that the benefits out-way the disadvantages.
    If you don’t want to see the false positives just don’t use this scan level.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Scan results perhaps too detailed/thorough?’ is closed to new replies.