Tag Archive for plugin


direct-install-method

Published on August 19, 2013 By Anti-Malware Admin

I have had quite a few WordPress users having trouble with plugin upgrades or re-installing plugin that were not completely removed. The problem is that sometime WordPress will not remove the main folder for a plugin that is being upgraded or removed but it will remove all the contents of the folder. So then WordPress does not see that the plugin is installed but it cannot create the directory structure to reinstall it either.

The only thing you can do then is to login to your server via FTP (or a file manager in your hosting control panel) and delete the directory so that it can be re-installed. But for some people that just isn't so easy to get to. So I created this little helper plugin to force the deletion of any plugin's main directory and all of it's contents before upgrading or installing another version of that plugin. It's still under development and I would not recommend installing all your plugins with this one activated, but if you are have trouble upgrading a plugin because the destination directory already exists then this will probably help.

You can download the BETA vesion of this plugin here

Good Luck!

Aloha,
Eli Scheetz


Now available in the WordPress Repository

Published on March 26, 2012 By Anti-Malware Admin

I just released my new Anti-Malware plugin for WordPress. It is still in BETA but I think it will be very helpful in removing malicious scripts and patching security vulnerabilities.

Please feel free to leave feedback and donations are always appreciated.


A WordPress plugin is born

Published on February 16, 2012 By Anti-Malware Admin

I made my PHP scripts into a WordPress plugin and installed it on a couple of different servers to test it. Over the next few weeks I will be testing, refining, and improving the plugin to get it ready for release to the WordPress community. Anyone interested in testing it on their WordPress site should contact me and I will set you up with a pre-release version.


Zero Day Vulnerability in timthumb.php is the main problem

Published on February 15, 2012 By Anti-Malware Admin

 

I was able to find and trace one of the hacks back to thumb.php file. This turned out to be an old version (1.08, 1.14, etc.) of the popular TimThumb script. It turned out there were a lot of old TimThumb script on the server. Many were found in plugins and others were in themes.

I wrote a script to identify old TimThumb files and upgrade them automatically. Now it looks like we finally have a secure server again.