msuemnig commented 5 years ago

If useful, would you like false positives reported for publicly available WordPress plugins? Things like...

ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-utility-htaccess.php}

ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/lib/whois/whois.main.php}

...show up on every scan and they are always false positives. Just offering to send you logs or whatever for the most popular plugins, if that is useful. Thanks for the work. It's much appreciated!

scr34m commented 5 years ago

You can extend white list for yourself, currently a big whitelist generation is under progress to minimalise false positive reports.

But a list with the popular WP plugins would be great.

scr34m commented 5 years ago

Could you make a new run with --combined-whitelist option, the database now generated from original sources.

And if you can provide me a plugin list for wordpress then i will include those values too.

scr34m commented 5 years ago

no response, closing

scr34m / php-malware-scanner

Contribution? #48

ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-utility-htaccess.php}

ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/lib/whois/whois.main.php}