Spanish translation added in last release

Thanks to Andrew Kurtis of my plugin has now been translated into Spanish of by Jelena Kovacevic. The new language files were tested and packaged in the last release. Now, if you have WPLANG defined as ‘es_ES’ in your wp-config.php file then the Anti-Malware Settings and Scan pages will be output en Español :-)

I’m also thinking of creating a facebook page for my plugin to get more feedback and collaboration form my users. Have some big ideas I would like share and get some help with to move this plugin forward. Leave a comment here and let me know what you think. Would you follow me on facebook? comment, Yes or No.

New scan engine that works better on large file systems

I released the new scan engine in version today. This is the scan process that I’ve had available as a BETA for a couple months but it was not ready for release until now. It take longer because it breaks the scan into smaller processes that complete independently of the scan initiation process. This has a better success rate (especially on server with lots of files or minimal memory) and allows for better error handling.

So there are now two types of scans:

  • Quick Scan – Good for small file systems, fast servers, or sites that have post restriction.
  • Complete Scan – Good for large file systems, servers with irregular permission issues, or low memory allocation.

The Automatic Fix process and File Viewer have been improved too. It loads nicer now and you can move this new pop-up window around on the page :-).

Please give me feedback on these new features and scan options.

Aloha, Eli

New Scan Process for Large Filesystems in BETA Release – Anti-Malware Plugin

I have written a new scan engine to address the problem of hanging on large scans. This new process leverages dynamic JavaScript includes to break the scan job into smaller pieces that your server can handle more easily. For most people with the hanging scan problem this new version works great but I have seen one site with over 100,000 files where the heavy JavaScript caused the client’s browser to crash. So, this update is not for everyone. This plugin now has over 10,000 downloads and I don’t want to release a questionable update on so many people. I will continue to work on it for a future release but it will only be available upon request until I have it working better. If your scans are hanging up before reaching 100% then contact me and I’ll get you the BETA.

Keeping this plugin cutting-edge with new features and up-to-date with the latest definitions for removing new threats is a lot of work. Please make a donation to support my continued development and enhancement of this plugin.

via New Scan Process for Large Filesystems in BETA Release – GOTMLS.NET.

I need your help! – Anti-Malware plugin for WordPress

Well, this Plugin has been out for three months now and has been downloaded over 7,200 times. I’ve received loads of great comments and email about how well it has done removing real threats from people’s servers. However, some people have had trouble getting it to do a large scan on servers without much memory. I have tried many different way of around this but there seems to be no easy way around this problem on some servers.

So, I have decided to take a different approach. I have started rewriting the scan engine and breaking down the scanning process into multiple executions of smaller processes. This will make for a more accurate progress bar, allow for better error handling, and run more efficiently on servers without much memory. So far I have stayed clear of charging out right for this plugin but, to be perfectly honest, I need to start getting more financial support for all the work I am putting into this project. I don’t want to turn anyone who need help away because of their inability to pay. However, I have a family to support and this project doesn’t pay the bills (but I believe it can). If everyone who has registered donated $12 dollars then I could devote myself to this project full-time and everyone will benefit from better protection for their site. I know some of you cannot do this but others can donate even more. Think of how much this plugin is worth to you and donate accordingly.

I will be contacting all of you who have registered, asking for your support, over the next month or so. I feel certain we can make this project a success without blocking access to those who don’t have the means to pay. I’ve already gotten a fair few donations from ecstatic voluntary donors. One such donor I’d like to mention is Graeme Morris of who not only gave a generous donation but also designed my new Gravatar/Logo. He said: “Your plugin really saved my site, I really want you to develop it more.”

Thank you all for your generous support!

via I need your help! – GOTMLS.NET.

So far, so good

Less than a month in the WordPress Repository and already over 1,400 downloads. There is definitely an unmet need for a Plugin like this. Despite the instant popularity and success of my Malware Removal techniques, even with all the great comments and thanks that I am getting for actively fighting back against these defacement and redirection hacks, I have just come under some criticism from the “Half-Elf” Plugin Monitor, Ipstenu. Though I feel that my strategy in fighting infections is efficient, effective, and easy to implement, she seems to think it is too risky to actually do something about the infected files and suggested I just notify the user of infections like some other security plugins do. To me, it is that very fact that my Plugin can automatically fix the problems it finds that sets it apart from the others. I wrote this software for myself, so that I could easily remove widespread infections on a shared server with one click. Then I made the code available as a WordPress Plugin to be really helpful to those that could not otherwise clear up their infected servers. This Plugin actually removes “Known Threats” from a file, keeping the rest of the file intact, and it even makes a backup of the file before making changes. How cool is that? I’m not one to brag but I must admit I am quite proud of this accomplishment.

I wonder how many people have broken there whole site, by removing a file that was needed by WordPress, because some would-be helpful plugin told them it was infected but couldn’t or wouldn’t fix it. Or, how many people paid Securi to fix their infestation of malicious scripts when my Plugin might have done it for them. I’m not saying this Plugin I wrote is a fix-all for any infection, but what it does, it does well. I wrote it for a specific type of infection and continue to expand it’s range and capabilities as more information comes in from my users.

I am dedicated to seeing this project though and maintaining a successful front line against these malicious infection. With continually growing support from the WordPress community I know that I can grow this program to meet more and more needs and combat new threats as they are discovered.

A big thanks to all those who have commented and rated this Plugin and even more thanks to those who have Donated! You are all keeping this effort alive and letting WordPress know that this Plugin is appreciated.


Now available in the WordPress Repository

I just released my new Anti-Malware plugin for WordPress. It is still in BETA but I think it will be very helpful in removing malicious scripts and patching security vulnerabilities.

An example scan that found some threats

Please leave feedback and donate whenever possible.

I’m working on an Anti-Malware plugin for WordPress.

I haven’t posted anything this whole month because one of my servers got hacked and I’ve spent the last three week working on a new plugin to scan and remove malicious software from my server.

It wasn’t enough for me to just remove the hack. I had to make sure it wouldn’t come back and because it was such a widespread exploit I thought it would be good to release a plugin for other website admins to check their site for themselves.

I looks like my infestation of nasty scripts came in through a vulnerability in an older version of timthumb.php. Apparently any version older that 2.0 can be used to place a file on the server. If that file is a back-door of some kind then the person who put it there could have full access to your server.

I’m still testing and working out the kinks in my security scanner but it should be ready soon…