Forum Replies Created
-
AuthorPosts
-
It sounds like you’re getting about 10 folders scanned per minute. This is extremely slow in general and I expect it is even slow by Bluehost standards, but I cannot say why it is so slow without a lot more diagnostic data. I can only say that I would normally expect it st scan at a rate of 1 or 2 folders per second, averaging around 100 folders per minute. Even so, it would still take over 6 hours to scan 39000 folders. The site root for this installation of WordPress might contain sub-directories containing other WordPress sites, this might explain the great number of folders on this scan. It is usually preferable to scan each site from within the wp-admin of that individual site and omit the directories which contain other websites that will be scanned separately.
The main issue though is the general slowness of the scan and you should look into the error_log files on the server to see if there are any errors or warnings there that might explain the slow scanning. You can also check your browser’s Console for JavaScript errors that might be causing the page to load slowly. Ideally you would also want to look at the overall performance of the server and the current load that this server is under, but that would most likely be info that Bluehost would not share with it’s customers, even if they did have a good handle on those stats.
Beyond that there is only so much I can do when the software is running on other’s hardware that is out of my control. If there are no errors to remedy and the usual server performance boosts like increasing the memory_limit in your php.ini file on the server do not help then I can only suggest that you consider hosting your websites on a more secure hosting platform with a better performing server.
I will need to know more about where this script was found in order to add this threat to my definition updates. Can you tell me if this was found in your database or in a file on your server?
The encoding get converted when you post anything to a forum so It would be better if you can email me directly with the infected files attached or the SQL backup file if it was found in your database.
December 18, 2023 at 3:28 am in reply to: Automatically Fix SELECTED Files Now Taking time too remove #115279What do you see if you click the button that says “If this is taking too long, click here”? We need to see there error message.
If there is nothing there then please check the error_log file on your server to what is causing this. Ask you hosting provider for help locating the error_log files if you are not sure where to find them.
This site may have some JavaScript errors on the wp-admin pages that are preventing the definition updates from posting correctly. Check the browser console for any errors on that page, and also check the error_logs on your server to see if there are any issues there that might be preventing the update.
Send me any error messages that you find and I can help you further.
December 15, 2023 at 1:44 pm in reply to: I need help, I can make a donation, I have a virus on my website, I already scan #115171Simple solution here: Those “Potential Threats” are just part of the preliminary scan which looks for the use of commonly abused functions. To scan for any “Known Threats” and access the Automatic Fix option all you need to do is to register your key and download the latest definition updates, then the Complete Scan will enable you to fix the Known Threats that are fond in any future scans with one click
Your hosting support did not understand or explain the problem correctly, but I can help make it clear and present a workaround for you to use to get rid of that error without disabling the Brute-Force Protection.
First, just to clarify, the first part of that if statement on linw 1 or your wp-config.php file is not limit the protection to one IP but rather to exclude the given IP from the Brute-Force Protect (effectively whitelisting your originally detected admin IP address).
if (!in_array($_SERVER["REMOTE_ADDR"], array(“*********”)) && file_exists(…
The problem is that your cronjob executes the PHP process without setting the $_SERVER environment variable indexed as “REMOTE_ADDR”. This causes the PHP Warning message you are seeing.
The simplest solution is to just remove that first condition from the if statement, leaving the file_exists condition intact. This would result in the first line of your wp-config.php file starting like this:
if (file_exists(…
Please let me know if you need any further assistance with this.
I’m not sure what problem you are reporting. Do you mean that the plugin is showing files as infected that are really not infected, or that the plugin is completely missing files that are actually infected?
Please send me attachments of the pertinent files so that I can better access what the problem is and how I can fix this for you.
Just following up to let you know that this last one has been added too. Please download the latest definition updates and run the complete scan again to see if any more of these are found.
Thanks for sending me your login. It looks like all your past scans were only looking in the wp-content folder, so I set the scan option to include the whole www directory which includes every folder on your site and the scanner then found the remaining 3 threat.
The redirect appears to be gone for now but I would suggests that you scan every day for the next week or so, just to make sure it does not come back. It only takes 6 minutes to scan your entire site so I would leave the scanner settings on the www directory from now on.
Please let me know if you have any more trouble. I would be glad to look at it again if there is something I missed.
I think what’s going on is that my Anti-Malware is removing some of the code from your theme that is not malicious when it takes out the really bad code, and that is causing an error in your theme since some of the code it needs is now gone.
I have just updated my malware definition database so that it will not remove good code needed by this theme and only remove the malicious code that was injected into your theme files.
Please download the latest definition updates and let me know if that works for you.
Thank you for reporting this to me. I am working on a resolution now…
Would it be possible for you to send me the error_log file from your server so that I exactly what is causing the error?
I am guessing that it is a syntax error in one of your theme files, but it would help me to see which one has the issue and what line the error is on.
Yes, I can help you find a resolution to this problem you are having.
Are all on these sites running the same version of PHP, what version is running on the site that does not start a session?
Can you try to start a session outside of WordPress?
Maybe you can create a new test.php file in the root of this site and add these few lines of code:
<?php
if (!session_id())
@session_start();
if (!isset($_SESSION["date"]))
$_SESSION["date"] = date("Y-m-d H:i:s");
echo "session started ".$_SESSION["date"];
You can also check the error_log file on your server just after you get the “Error Your Server could not start a Session!” message from my plugin, to see if there are any error details in the log that will tell us why your server cannot start a session on this site even if it can on the other sites.
Let me know how that goes and I can help you further after seeing the results of these tests.
Did my plugin identify and clean that file when you ran the Complete Scan?
If not then please email that file to me directly so that I can add it to my definition updates.
There is a recovery option on the results page that uses the backup in your Anti-Malware Quarantine, but your site appears to be block by some additional security measures that require htaccess authentication. Can you please contact me directly by replying to this email notification so that I can help you recover the damaged file?
Both of these files are actually part of the WP Core installation. I’m not sure why they won’t scan but those are both rather large files so perhaps there is just not enough memory allocated to your PHP processes on your server to read and scan those files. You can try increasing the memory_limit value in the php.ini file on your server.
-
AuthorPosts
