B4Dmd
Forum Replies Created
-
@desw: This was taken right from the “How to fix” tab of the plugin:
Your server shows too much information about installed software.?
If you’re using Apache web server and have root access(or can edit httpd.conf) – you can define ServerTokens directive with preffered options(less info – better). See details.
The solution: Try disabling indexes in your .htaccess file using the below:
Options -IndexesThen, run the scan again 🙂
It looks like the vendor of this plugin doesn’t have a hashes file for 3.4.2:
$hashes = dirname(__FILE__) . ‘/hashes/hashes-‘. $wp_version .’.php’;
if ( file_exists( $hashes ) )
include( $hashes );
else{
return array(‘status’=>’error’, ‘data’=>’Hashes file not found!’);REF: http://plugins.svn.wordpress.org/ultimate-security-checker/tags/2.7.0/securitycheck.class.php
I found a post with a different plugin that uses the same hashes file format:
http://wordpress.org/support/topic/plugin-exploit-scanner-hash-file-for-342?replies=2
Using the paste bin site raw data, I was able to crate and upload the hashes-3.4.2.php file to /wp-content/plugins/ultimate-security-checker/hashes
Everything works fine now.
Please NOTE: I didn’t sanity check the hashes. As the hashes came from pastebin, I would recommend some caution.
Thanks.