New to the community? Start here

[Defender Pro] Too many files are reported false positives.

I have ongoing issues with too many files being reported by Defender, which are false positives :slight_frown:

Example is a file called “hooks.php”.

Although it’s being reported and recommends to check “red flagged” code, there are no red flags displayed at all.
Same goes for other files that are being reported. Unchecking or ignoring those many files is really hurting my productivity and daily operations, because this happens on all sites that contain multiple plugins.

Sun, 20 Oct 2019 11:30:19
More Defender Pro discussions
Defender Pro
  • sascha
    • Code Wrangler

    Hi Kasia, thank you for your reply.
    Support is granted now and I have also extended for 5 days, so you should be fine.
    I had provided FTP-login (user “[email protected]:wink: too, is that not working as well, or only WP-Login not working for you?
    Actually I have checked both credentials before giving them to your support-colleague. He has also checked and confirmed that they were working.
    I have updated the WP-Login, so the Password for your FTP-User is now the same as for “techmin” user to access the WP.
    Kind regards,
    Sascha

  • Rupok
    • Ex Staff

    Hi Sascha,

    Thanks for granting Support Access. I’ve checked the first few alerts provided by Defender Pro. Let me explain those here.

    hooks.php : That file has code which uses the unserialize function which could be a security issue if not used properly. I’ll suggest you to have a look at the following article: https://www.netsparker.com/blog/web-security/untrusted-data-unserialize-php/

    Defender could ignore that, but then if that code caused any issue, then the purpose of Defender (which is securing your website) would fail.

    Templates.php : This file is using eval() function which is also not suggested. That function can be used in a completely safe environment, or used safely, but for a plugin (Defender), it’s not possible to understand the purpose of that function. So, to keep you on the safe side, the warning is shown.

    Other alerts are pretty much same. I totally understand that it’s inconvenient to have so many warnings about all the suspicious functions or codes, but it’s for the safety of your own site. So you can ignore all of them if you are 100% sure about the purpose and usage of those functions in those files. Those warnings should not stop any functionality of your website. Or, if you have a very clear idea about the code in all the themes and plugins of your site, you can also disable all three scan types by going to your website Dashboard > Defender Pro > File Scanning > Settings section. But that will make your site less safe I believe.

    Please let us know your feedback on this so we can make our Defender Pro plugin better and more user-friendly.

    Regards,
    Rupok