Just Check the box for Automatic Updates and click Save. Then you will have the Core Files definitions available.
There are no false positives in the Core File Changes scan. The contents of that file has certainly been altered from it’s original form. You or your developers may have modified that file and a Core File Change does not necessarily mean that it was modified maliciously, but it is unwise to modify WP Core Files and your theme changes should never effect the Core Files. You can click on this listing in my plugin’s results to see the contents and click on the [1] to see what lines have been modified. If you made these changes yourself then you can decide to keep the changes but I would recommend restoring the original file.
I’m sorry but this feature is not ready yet. There is currently no way to schedule a scan. However, I am working on a solution for this and I hope to have something available for testing by the end of the year.
Thanks for sending me your login. So it turns out it was a POST size limitation in your php.ini settings. I was able to use the automatic update method which you normally have to donate to unlock, but you could also talk to your hosting provider about increasing the post size limit on your server. You should be good to go from now on as you will only need incremental updates which are not as big as the initial update was.
Aloha, Eli
So, I think it’s all working now. Have you had a chance to try out the new version 4.15.45 of my plugin that I just released?
1. I have release a new plugin update that fixes that issue with the nonce tokens. Please download version 4.15.45 and let me know if you have any more problems.
2. Typically the default setting of -1 is best but if your scans are getting stuck part way through then you can try a small positive number like 4 or 6.
I just released an update to fix this. Please download the new version 4.15.44 and let me know if that works.
I replied directly to your posted question this morning.
This error is indicating that there was a 500 error response from the admin-ajax.php on the login page.
You can disable the login security by removing the first line of code that was added to your wp-config.php file.
You should also check the error_log files on your server to see what this 500 error is about.
If you want me to help you fix this directly you can email me with your FTP login and I’ll do it for you.
I just release me new version 4.15.43 which has the Quick Scan option for Core Files.
Please try it out and let me know what you think.
That is the manual update method. I don’t know what is blocking the update on your site but I’m sure the Automatic Update method will work for you.
If you are willing to send me your wp-admin login I will take a look at why you cannot save the updates.
So That means that it was probably a Core File that was infected. I will add a Quick Scan for the Core Files in the next release of my plugin so that kind of infection can be found more easily.
The custom output buffer handler called “Bot_Linker” is probably malicious and it’s probably the reason the Complete Scan is not working. Output buffer handlers can filter or alter the output and thus affect anything or everything on your site.
Have you tried the Quick Scans?
If you keep getting reinfected then you should move your site to a move secure server.
The last definition update should solve these errors for you. If you still get them after you download the update let me know.
Also, if that wp-content/index.php file is not identified and fixed by my plugin after this latest update then please send that file to me so that I can inspect it personally.
That’s a great suggestion for anyone with a site that is not WordPress.
