Reply To: An attempt to clean up the site failed

Home Forums Support Forum An attempt to clean up the site failed Reply To: An attempt to clean up the site failed


Anti-Malware Admin
Key Master

Yes, with a lot of code changes it would be possible to re-purpose my plugin to be more proficient at scanning larger file-systems containing multiple site under conditions where the shared hosting platform permits the PHP process to access all the sites on the account. However, that would require exploiting the biggest vulnerability of cheap shared hosting accounts to access and change the files of one site from the PHP execution of another site. While this is all too common and easy to do in many cases, it is also the main reason that all your sites can be infected with a malicious PHP scripts that makes it way into one weak site.

Now, wouldn’t it be better all around if each of your sites had more protective permissions so that these malware infection wouldn’t be able to infect every site on your server from just one breach?

My conclusion is that if the hosting providers implemented a reasonable security scheme then my plugin would then not even be able to access those other sites and could then not scan or clean them, and that would actually make your system even safer.