{"id":1142,"date":"2015-04-20T12:30:30","date_gmt":"2015-04-20T16:30:30","guid":{"rendered":"http:\/\/www.blogseye.com\/?p=1142"},"modified":"2015-04-20T12:30:30","modified_gmt":"2015-04-20T16:30:30","slug":"sucuri-false-positive-on-stop-spammers-plugin","status":"publish","type":"post","link":"http:\/\/blogseye\/2015\/04\/sucuri-false-positive-on-stop-spammers-plugin.html","title":{"rendered":"Sucuri false positive on Stop Spammers Plugin"},"content":{"rendered":"

Sucuri found a match to it’s malware signatures in the Stop Spammers thread-scan module. It was a string that I found in a Sucuri blog post about a malware back door that was appearing in WordPress installs. I added the string to the threat-scan, hoping to catch some sites with with the back door.
\nWhat happened was that Sucuri caught me. It thought that the malware signature was actually part of a real malware infection.
\nI had grabbed what I thought was the smallest unique part of the string to do my scans. Evidently that was enough for Sucuri to detect and report my plugin as Malware.
\nI have removed the check. If you want a complete check you need to send $200 to Sucuri.
\nIn the mean time, I’ve decided to add different kinds of check to the Threat-Scan in Stop Spammers. So far I’ve been checking against incoming IP addresses. I thought it would be fun to use the spam check modules to check against the IP of the website itself.
\nThis is going to drive people crazy when they find out their website is a source of spam.<\/p>\n","protected":false},"excerpt":{"rendered":"

Sucuri found a match to it’s malware signatures in the Stop Spammers thread-scan module. It was a string that I found in a Sucuri blog post about a malware back door that was appearing in WordPress installs. I added the string to the threat-scan, hoping to catch some sites with with the back door. What […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1142"}],"collection":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/comments?post=1142"}],"version-history":[{"count":1,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1142\/revisions"}],"predecessor-version":[{"id":1143,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1142\/revisions\/1143"}],"wp:attachment":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/media?parent=1142"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/categories?post=1142"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/tags?post=1142"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}