Now available in the WordPress Repository

I just released my new Anti-Malware plugin for WordPress. It is still in BETA but I think it will be very helpful in removing malicious scripts and patching security vulnerabilities.

An example scan that found some threats

Please leave feedback and donate whenever possible.

10 thoughts on “Now available in the WordPress Repository

  1. Tried using your software. It got stuck 92% of the way through a scan. I guess I’ll try logging out of WP to see if I can stop it.

    • You should check the folder it was scanning when it got stuck. Maybe you can find the file it got stuck on and skip it, or email me the file and I’ll see why it’s making my scanner hang and fix it.

  2. Figured out which plugin was causing it to hang, and have de-activated it. But now, it has found 15 potential threats but how’s a non-techie supposed to know if they really ARE dangerous?

    • Great! let me know which plugin was causing it to hang and I will see if I can fix that.

      “potential threats” are usually not malicious. I will try to rule out all the legitimate uses of powerful functions like eval() in future updates to the definitions file, but there are some many I felt it was better to show them to you and let examine them then to let them go unnoticed. If someone find that one of their “potential threats” is malicious and reports it to me I will add it to the list of “known threats”. Automatically removing “known threats” is what this plugin is really for.

      If you are still worried about the “potential threats” it found you should have someone look at them. My plug will highlight the potentially dangerous code for you if you click on the links.

  3. When I run the scans it doesn’t suggest anything to be removed. It just has lines and lines and lines of “Invalid Treat Level: potential” in red boxes. What should I do? Please email me if this doesn’t automatically email me. Thanks :)

    • Thanks for bringing this bug to my attention and for giving me access to your WP Admin. After registering your installation key I was able to Remove all the “Known Threats” from your server (over 600 infected files were cleaned). Now I have released an updated version of my Anti-Malware Plugin that does not give that error, even for unregistered users.

  4. Thanks for creating your anti-malware plug-in. I posted this to the WP forum regarding it but received no reply. So I am posting it here:

    When I try to scan http://www.neighborhood-voice.com, I get this message: Fatal error: Maximum execution time of 30 seconds exceeded in /home/neighborhoodvoic/neighborhood-voice.com/wp-content/plugins/gotmls/index.php.

    How can I fix this?

    Thanks in advance for your help.

    -M

    • Actually I did post a response to your question the first time you posted it, and I just replied to your second post on wordpress.org too. Perhaps you are not getting the reply notifications.

      Anyway, this is what I said:

      Try changing
      set_time_limit(30);
      to
      set_time_limit(60);
      on lines 229 and 259 of plugins/gotmls/index.php.

      Let me know if that doe not work. I have a new upgrade that may help but it’s not finished so I have not released it yet. I could test it out on your site if you would like.

      Aloha, Eli

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.