Security & Malware scan by CleanTalk


Security features

  • Security FireWall to filter access to your site by IP, Networks or Countries
  • Web Application Security Firewall
  • Security Malware scanner with AntiVirus functions
  • Daily auto malware scan
  • Stops brute force attacks to hack passwords(Like Fail2ban)
  • Stops brute force attacks to find WordPress accounts(Like Fail2ban)
  • Limit Login Attempts
  • Security Protection for WordPress login form
  • Security Protection for WordPress backend
  • Security daily report to email
  • Security audit log
  • Security Real-time traffic monitor
  • Checking Outbound Links
  • Two Factor Authentication
  • No Malware – No Google Penalties. Give your SEO boost.
  • Custom wp-login URL
  • Notifications of administrator users authorizations to your website
  • Backend PHP logs
  • Hide Login Default Login Page

CleanTalk is a Cloud security service that protects your website from online threats and provides you great security instruments to control your website security. We provide detailed security stats for all of our security features to have a full control of security. All security logs are stored in the cloud for 45 days.

Security FireWall by CleanTalk is a free plugin which works with the premium Cloud security service This security plugin as a service

Malware always becomes a headache for site owners. If you don’t regularly check for malware, it will be able to work insensibly a lot of time and damage your reputation. If you prevent malware attacks before they happen, you will be able to save your resources.

What is malware and why does it matter to your business? Malware is malicious code that performs actions for hackers. If your site has been infected with malware it will be able a problem for customer trust and their personal details. First, you need to scan your site to confirm the malware exists. The next step you should fix all files with malware.

Limit Login Attempts

Limit Login Attempts – is a part of brute-force protection and security firewall.

Security Firewall has a limit for requests to your website (by default 1000 requests per hour, so you can change it) and if any IP exceed this threshold it will be added to security firewall for next 24 hours. It allows you to break some of the DDoS attacks.

Brute Force Protection

It adds a few seconds delay for any failed attempt to login to WordPress admin area. WordPress Security & Firewall by CleanTalk makes access to your website more secure. Service will check your security log once per hour and if some IP’s have 10 and more attempts to log in per hour, then these IP’s will be banned for next 24 hours.

Security Audit Log keeps track of actions in the WP Dashboard to let you know what is happening on your blog.
With the Security Audit Log is very easy to see user activity in order to understand what changes have done and who made them.
Security Audit Log shows who logged in and when and how much time they spent on each page.

Security Traffic Control

CleanTalk security Traffic Control will track every single visitor no matter if they are using JavaScript or not and provides many valuable traffic parameters.

Another option in Security Traffic Control – “Block user after requests amounts more than” – blocks access to the site for any IP that has exceeded the number of HTTP requests per hour. If this number of requests will be exceeded, this IP will be added to the Security FireWall Black List for 24 hours.

Security Firewall

To enhance the security of your site, you can use the CleanTalk Security FireWall, which will allow you to block access by HTTP/HTTPS to your website for individual IP addresses, IP networks and block access to users from specific countries. Use personal BlackList to block IP addresses with a suspicious activity to enhance the WordPress security.

Security FireWall may significantly reduce the risk of hacking and reduces the load on your web server.

CleanTalk Security is fully compatible with the most popular VPN services.
Also, CleanTalk security supports all search engines Google, Bing, Yahoo, Baidu, MSN, Yandex and etc.

Security Malware Scanner

Scans WordPress files for hacker files or code for hacker code.

Security Malware Scanner runs manually in the settings. All of the results will send in your Security CleanTalk Dashboard with the details and you will be able to investigate them and see if that was a legitimate change or some bad code was injected.

CleanTalk Antivirus protects your website from viruses and deletes infected code from files. Antivirus scans not only WP core, it will check all of the files on your WordPress. Heuristics antivirus scan allows finding malware/viruses code by bad php constructions.

CleanTalk Security has a “Feedback System” for analyzing suspicious files. This is the client-server feature in CleanTalk Security that allows sending suspicious files from the WordPress backend to CleanTalk cloud.

Security Malware Scanner shows a list of suspicious files and you can view code that was indicated as bad. If you don’t have programming experience and don’t know, is there security issue or not, you will be able to send some files to CleanTalk and we will check them for malware code. After checking we will send you an email notification with results, is there viruses or not.

Every day, CleanTalk Security Malware Scanner will check new files and files that have been changed from the last scanning.

Please, look at our guide How malware file analysis works.
About Scanner Feedback System

Security Malware Heuristic Check

This option allows you to check files of plugins and themes with heuristic analysis. Probably it will find more than you expect.

Security Malware scanner to find SQL Injections

The CleanTalk Security Malware Scanner allows you to find code that allows performing SQL injection. It is this problem that the scanner solves.

CleanTalk Web Application FireWall for WordPress Security Plugin

The main purpose of Security Web Application FireWall is to protect the Web application from unauthorized access, even if there are critical vulnerabilities.

Security Web Application FireWall catches all requests to your website and checks HTTP parameters that include: SQL Injection, Cross Site Scripting (XSS), uploading files from non-authorised users, PHP constructions/code, the presence of malicious code in the downloaded files.

In addition to effective information security and information security applications are required to know what is quality of protection and CleanTalk Security has logged all blocked requests that allow you to know and analyze accurate information. You can see your Cleantalk Security Logs in your Control panel.

Security CleanTalk Web Application FireWall for WordPress is the proactive defense against known and unknown vulnerabilities to prevent hacks in real-time.

Learn more how to set up and test
About Security Web Application Firewall

Improve your website security with Two Factor Authentication

It requires a bit of your time but Two Factor (2 Step) Authentication immediately gives a much higher level of security.

With your first authorization, the CleanTalk Security plugin remembers your browser and you won’t have to input your authorization code every time anymore. However, if you started to use a new device or a new browser then you are required to input your security authorization code. CleanTalk security plugin will remember your browser for 30 days.

Change the URL of the wp-login page

This option helps you change the default wp-login URL. Hackers use scripts for massive brute-force attacks, and since most sites use a default login page URL, hackers configure scripts for such URLs. When you change the URL of the authorization page, hackers will not have the opportunity to perform brute-force attacks in scripts in automatic mode.

To enable the option, go to the WP Dashboard plugin settings -> Settings -> Security by CleanTalk -> General Settings and check box Change address to login script. Then add a new URL and click Save Settings.
This option does not change files and does not rewrite URLs in system files. To return the address of the default authorization page, it is enough to disable the option in the plugin settings or set a new value.

If you are using caching plugins, then you need to add a new authorization page in the caching exceptions.

Can I use CleanTalk Security and Wordfence together

Sure, you can use CleanTalk Security and Wordfence. Quite often we get question from our customers, will there be a conflict between CleanTalk and Wordfence? We tested CleanTalk Security and Wordfence working together and they work without any conflicts.

Email Notifications when administrators are logged in

We added this option to our security plugin. Now you can receive notifications if you want to know about an unauthorized entrance to your WP Dashboard.

Notification will be sent only when a user was able to authorize entering login and password. If you …


  • Firewall log tab. The log includes detailed info about each of visitor that reached the site and his firewall check status. Also show Traffic Control activity for the user.
  • Security Log tab. The log includes list of Brute force attacks or failed logins and list of successful logins for up to 45 days. The plugin keeps the log on CleanTalk servers to make the log not accessible for hackers.
  • General settings tab. Here you can manage all the plugin settings.
  • General settings - authentication and log in. Here you can manage Brute-Force protection, 2FA auth and change login URL.
  • General settings - firewall. Here you can manage Firewall modules and Traffic Control settings.
  • General settings - scanner. Here you can manage automatic scanner start, types of checks, directories exclusions for scanner and enable important files monitoring.
  • General settings - admin bar. Here you can set behavior of admin bar module.
  • Admin bar. How the admin bar module looks.
  • General settings - trusted text. Here you can manage your affiliate links and trusted text shown for visitors.
  • Trusted text. How the trusted text looks.
  • Malware scanner tab. Here you can scan all WordPress files for malicious and suspicious code and see the result.
  • Malware scanner results - critical. There is a list of files that contains dangerous code or malware signatures.
  • Malware scanner results - suspicious. There is a list of files that contains suspicious code.
  • Malware scanner results - approved. There is a list of files that were approved by user, Cloud analysis or CleanTalk team.
  • Malware scanner results - analysis log. There is a list of files that were sent for Cloud Malware Scanner analysis and their status.
  • Malware scanner results - unknown. There is a list of files that contain no malware, but they are not a part of WordPress core or plugins/themes.
  • Malware scanner results - cured. There is a list of files that have been automatically cured.
  • Malware scanner results - frontend malware. There is a list of frontend pages that contains malicious HTML/JavaScript code.
  • Malware scanner results - unsafe permissions. There is a list of files that could be reached by a hacker because of unsafe permission set.
  • Malware scanner results - file monitoring. There is a list of important files and their snapshots. You can use this to know if they were changed.
  • Malware scanner results - snapshot. How the important file snapshot looks.
  • Malware scanner results - PFD report. How the PDF report of scan results looks.
  • Backups interface. How the backups interface looks.
  • Summary tab. The general info about the plugin state.
  • Templates interface. Using this interface you can apply the settings from another site of your CleanTalk account or a template saved before.
  • Example of blocking page - Firewall. If the visitor IP is in hazardous net list or blacklisted in your personal list, he will see this screen.
  • Example of blocking page - XSS. If the visitor attempts to implement XXS, he will see this screen.
  • Example of blocking page - SQL. If the visitor attempts to implement SQL injection, he will see this screen.
  • Example of blocking page - Brute-Force. If the visitor tried to use wrong credentials for many times, he will see this screen.
  • Example of blocking page - Traffic Control. If the visitor has requested site pages too often, he will see this screen.
  • File System Watcher tab. File System Watcher interface.


Why are they attacking me?

Hackers want to get access to your website and use it to get backlinks from your site to improve their site’s PageRank or redirect your visitors to malicious sites or use your website to send spam and viruses or other attacks.These attacks can damage your reputation with readers and commentators if you fail to tackle it. It is not uncommon for some WordPress websites to receive hundreds or even thousands of attacks every week. However, by using the Security CleanTalk plugin, all attacks will be stopped on your WordPress website.

How to install the plugin?

Installing the plugin is very simple and does not require much time or special knowledge.

Manual installation

  1. Download latest version on your computer’s hard drive,

  1. Go to your WordPress Dashboard->Plugins->Add New->Upload CleanTalk zip file.

  2. Click Install Now and Activate.

  3. After activated, go to plugin settings. Then you will need to create an API key, this is done automatically for you. Just click on “Get access key automatically”

Installation completed successfully.

Installation from directory

  1. Navigate to Plugins Menu option in your WordPress administration panel and click the button “Add New”.

  2. Type CleanTalk in the Search box, and click Search plugins.

  3. When the results are displayed, click Install Now.

  4. Select Install Now.

  5. Then choose to Activate the plugin.

  6. After activated, go to plugin settings. Then you will need to create an API key, this is done automatically for you. Just click on “Get access key automatically”

Installation completed successfully.

How to test the security service?

Please use the wrong username or password to log-in to your WP admin panel to see how the Security Plugin works. Then you may log-in with your correct account name and see the logs for the last actions in the settings or our plugin. Also, Audit Log will display the last visited URL’s of the current user.

Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)?

Yes, the plugin is compatible with WordPress MultiUser.

How to control security activities on your website?

Go to your CleanTalk account->Log. Use filters to sort data for analyses.

Security logs provide you to receive and keep information for 45 days. You have the following possibilities:
1. Time period for all records you want to see.

  1. Website for which you want to see security records. Leave the field empty to see security records for all websites.

  2. Choose an event you want to see:

    • Authorization Login — all successful logins to your website.
    • Authorization Logout — all closed sessions.
    • Authorization Invalid username — login attempts with not existing username.
    • Authorization Auth failed — wrong password login attempts.
    • Audit View — records of actions and events of users in your website backend.
  3. Searching records by IP address.

  4. Searching records by country.

There are date and time of events for each record, username who performed an action and his IP (country) address. How to use Security Log

Is it possible to set custom email for notification?

Yes, it is possible. Go to your CleanTalk account->Change email

Why do you need an access key?

Access Key allows you to keep statistics up to 45 days in the cloud and different additional settings and has more possibilities to sort the data and analyses. Our plugin evolves to Cloud Technology and all its logs are transferred to Cloud. Cloud Service takes data processing and data storage and allows to reduce your webserver load.

How to use Security Log

  • First go to your Security Dashboard. Choose “Site Security” in the “Services” menu.
    • Then go to your Security Log.

You have the following possibilities:

  • Time period for all records you want to see.
  • Website for which you want to see security records. Leave the field empty to see security records for all websites.

Choose an event you want to see:

  • Authorization Login — all successful logins to your website.
  • Authorization Logout — all closed sessions.
  • Authorization Invalid username — login attempts with not existing username.
  • Authorization Auth failed — wrong password login attempts.

Audit View — records of actions and events of users in your website backend.

  • Searching records by IP address.
  • Searching records by username.
  • Searching records by country.

List of records. Each record has the following columns:

  • Date — when the event happened.
  • User Log — who performed actions.
  • Event — what did he do.
  • Status — was he Passed or Banned.
  • IP — his IP address.
  • Country — what country that IP belongs to.
  • Details — some details if they are available.

Please, read more

If you wish to block some countries from visiting your website, please, use this instruction:

How to use Security Firewall

First go to your Security Dashboard. Choose “Site Security” in the “Services” menu. Then press the line “Black&White Lists” under the name of your website.

You can add records of different types to your black list or white list:

  • IP-Addresses (For example,
  • Subnets (For example,
  • Countries. Click the line “Add a country” to blacklist or whitelist all IP-addresses of the chosen countries.

The records can be added one by one or all at once using separators: comma, semicolon, space, tab or new line. After filling the field press the button “Whitelist” or “Blacklist”. All added records will be displayed in your list below. Please note, all changes will be applied in 5-10 minutes.

Please, read full instruction here

How to test Security Firewall?

  1. Open another browser or enter the incognito mode.
  2. Type address YOUR_WEBSITE/?security_test_ip=ANY_IP_FROM_BLACK_LIST
    2.1 Address is local address and it’s in blacklist constantly. So address YOUR_WEBSITE/?security_test_ip= will works everytime.
  3. Make sure that you saw page with the blocking message.
  4. FireWall works properly, if it is not, see item 4 of the list.

How does malware scanner work?

Malware scanner will check and compare with the original WP files and show you what files were changed, deleted or added. Malware scanner could be used to find an added code in WP files. On your Malware Security Log page, you will see the list of all scans that were performed for your website. The CleanTalk Cloud saves the list of the found files for you to know where to look them for.

How to start malware scanner?

At the moment malware scanner may be started one time per day and manually.
To start malware scanner go to the WordPress Admin Page —> Settings —> Security by CleanTalk —> “Malware Scanner” tab —> Perform Scan.
Give the Malware Scanner some time to check all necessary files on your website.

Is it free or paid?

The plugin is free. But the plugin uses CleanTalk cloud security service. You have to register an account and then you will receive a free trial to test. When the trial (on CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate the Security by CleanTalk plugin.
If you haven’t got access key, the plugin will work and you will have logs only on the plugin settings page for last 20 requests.

What happens after the end of the trial period?

The plugin will fully perform its functions after the end of the trial period and will protect your website from brute force attacks and will keep Action Log in your WP Dashboard, but the number of entries in the log will be limited to the last 20 entries/24 hours. Also, you will receive a short daily security report to your email.

Premium version allows to storage all logs for 45 days in the CleanTalk Dashboard for further analysis.

Brute Force security for WordPress

Brute force attack is an exhaustive password search to get full access to an Administrator account. Passwords are not the hard part for hackers taking into account the quantity of sent password variants per second and the big amount of IP-addresses.

Brute force attack is one of the most security issues as an intruder gets full access to your website and can change your code. Consequences of these break-ins might be grievous, your website could be added to the [botnet] and it could participate in attacks to other websites, it could be used to keep hidden links or automatic redirection to a suspicious website. Consequences for your website reputation might be very grievous.

Why is the CleanTalk Security Plugin Added to the Must Use Section?

This is required for the Security FireWall to function properly. Plugins that are placed in this section are being launched first, so it is very important that the Security FireWall is launched before any plugins and …


19 februari 2024 1 reactie
I had a big problem for months with code getting injected into my website was driving me crazy using the highest rated plugin, i had to fix this so tried the clean talk plugin and ℹ couldn’t believe but it cleaned it stopped it full time! it found strange file so i talked support the issue was fixed instantly absolutely brilliant support! I have to say you saved me a wordpress reinstall!! 12 out of 10 guys 👍
19 februari 2024 1 reactie
Love this plugin. CleanTalk has done it again. Originally started with the Anti Spam which is remarkable and when they came out with Security and Malware gave it a try and soon switched all of my sites to it.
17 februari 2024 1 reactie
Very happy with the timely response by the agent. I feel better knowing there's someone at the other end even on weekends. Great protection and stats.
15 februari 2024 1 reactie
Наверно, лучшая защита сайтов, так как другой не пользовался, но меня полностью устраивает. Техподдержка тоже на высоком уровне. Probably the best site protection, since I haven't used another one, but it suits me completely. Technical support is also at a high level.
13 februari 2024 1 reactie
Have been using CleanTalk for so many years now and it keeps protecting my sites perfectly. For sure it has my recommendation with full 5 stars.
Lees alle 298 beoordelingen

Bijdragers & ontwikkelaars

“Security & Malware scan by CleanTalk” is open source software. De volgende personen hebben bijgedragen aan deze plugin.


“Security & Malware scan by CleanTalk” is vertaald in 4 talen. Dank voor de vertalers voor hun bijdragen.

Vertaal “Security & Malware scan by CleanTalk” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.


2.129 Feb 26 2024

  • Upd. Scanner accordions. Text and HTML updated.
  • Upd. Vulnerability alarm. Added check to install and update process.
  • Upd. FSWatcher. Refactoring settings, add file view, fix dates format.
  • Upd. Heuristic. Removed checking inline js.
  • Fix. Vulnerability alarm. Unexpected type of plugin data handled.
  • Fix. HTTP. Request. Fixed socket error handling.
  • Upd. Debug call. Added las scan result. Connection check skipped if no get param “do_test_connection” added.
  • Fix. Cron. Scanner background. Transaction parsed. Cron “scanner_launch” update implemented instead of adding new.
  • Upd. SecFW. Added ipv6 count to summary.
  • Fix. Settings. 2FA option fixed.
  • Fix. CDNheaders. Check type of stored serialized value before unserialize.
  • Fix. Get CMS hashes. Preventing errors of other actions for hook “plugins_api”.
  • Upd. Heuristic. Skipping svg in long line check.
  • Fix. Vulnerability alarm. Checking installed plugins fixed.
  • Fix. Schema. Redundant columns analysis_status and analysis_comment removed.
  • Fix. FS Watcher. FS Watcher description fixed.
  • Fix. Scanner. Default service data State fixed.
  • Fix. Vulnerability alarm. Skip saving apps info without versions.
  • Fix. Scanner. Frontend malware accordion fixed.
  • Fix. CDNHeadersChecker. Run 1m cron instead of immediate run on settings save.

2.128.1 Feb 21 2024

  • Fix. Test connection. Do not check response code on testing connection.
  • Fix. Common. Redundant expression removed.

2.128 Feb 12 2024

  • New. Calling cloud user_data_update during dismissing review notice.
  • New. System plugins. Vulnerability alarms implemented.
  • Fix. Settings. Show stored IPs count in the summary block.
  • Upd. SecFW. Switch to direct update if updating is freezing.
  • Upd. Scan. Auto send suspicious files.

2.127 Jan 29 2024

  • New. File System Journal feature implemented.
  • New. CodeStyle. Use new hasPHPOpenTags() to skip files with no actual PHP code.
  • Fix. Settings. Changed the period in the message
  • Fix. Auth. Change text.
  • Fix. Settings. Refactoring settings page
  • Fix. Scanner file send. Fix processing statuses if user has files that were send for analysis on old scanner versions.
  • Fix. 2FA. Show role Subscriber, correction of user data verification
  • Fix. Settings. Getting API key errors display.
  • Fix. FS Watcher. Selecting snapshots fixed.
  • Fix. Settings. ListTable unused attribute data-before removed.
  • Fix. Scanner. Suspicious items display fixed.

2.126.1 Jan 24 2024

  • Fix. UploadChecker good result now skipped from logging.
  • Fix. Common. Database tables prefix usage implemented.

2.126 Jan 16 2024

  • New. Firewall update. All queue stages is logged now.
  • New. Scanner results. Now all the heuristic fired files being suspicious instead of critical.
  • New. Scanner. Sends suspicious files to cloud report.
  • New. Feature. CDN headers self check implemented.
  • New. UploadChecker. Checking archive in media uploader.
  • Mod. Code. UploadChecker.php extracted from WAF module.
  • Mod. Settings. Remove button “Delete” from Approved files accordion.
  • Mod. SQL. IP networks separated to v4/v6 tables to reduce database size.
  • Fix. Settings. Changed the period in the message.
  • Fix. Accordions. Red dot status fixed.
  • Fix. Code. mergeWithSavingNumericKeysRecursive() fixed.
  • Fix. Code. File sending. Fix DTO and results merging.
  • Fix. Code. SQL request for pages selector.
  • Fix. Lib. Localization global style.
  • Fix. Lib. Change headers logic for adaptive tales.

2.125 Dec 18 2023

  • New. Activator class implemented.
  • New. Deactivator class implemented.
  • Upd. Heuristic. Add math module.
  • Upd. Code. Common lib (heuristic) updated.
  • Fix. Scanner. Undefined data key fixed.
  • Fix. Scan. Added check for signatures count.
  • Fix. Settings. Getting Access Key message fixed.
  • Fix. SecFW. FW results priority fixed.
  • Fix. PHP 8.2 deprecated notice fixed (creation of dynamic property ::cookie_domain)
  • Fix. PHP 8.2 deprecated notice fixed (creation of dynamic property ::data__set_cookies)

2.124 Dec 05 2023

  • Fix. Table cells popup of hidden long text – CSS fixed.
  • Upd. Traffic control. TC logic updated.
  • Fix. FireWall. Statuses of the triggered networks displayed.
  • Upd. Scanner. Manual cure button implemented.

2.123 Nov 20 2023

  • Fix. Scanner. Files deletion. Comparison of site responses before and after actions added.
  • Fix. Heuristic. Command shell detection. Regex fixed.
  • Fix. Heuristic. Mathematics module fixed.
  • Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
  • Fix. Integrations. Add Password-protected compatibility.
  • Fix. WafBlocker. Compatible with php8.
  • New. Scanner. Analysis bulk actions: deleting implemented.
  • Fix. Scan. Excluded invalid index.
  • Fix. Scan. Added retry for unstable connection.
  • Fix. SecFW. FireWall priority fixed.
  • Fix. Settings. Enqueue scanner-plugin.js script fixed.
  • Fix. Scan. Increasing amount dynamically.
  • Fix. Auth. Removed conflict with password protected pages.
  • Fix. Scan. Handling empty signature_found.
  • Upd. Settings. Additional headers IP getting option updated.
  • Mod. WAF blocker. New reason code “-10”. New description for blocking page.

2.122 Nov 08 2023

  • New. Scan. Hashes blacklists.
  • New. FireWall. New module added: WAF Blocker.
  • Update. Scan. Keep surroundings code of FMS weak in db.
  • Fix. SecFW. Updated the launch rule on wpms.
  • Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
  • Fix. RenameLoginPage. Skip login renaming process for password-protected pages.
  • Fix. Heuristic. Command shell detection. Regex fixed.

2.121 Oct 25 2023

  • Update. Common. Getting ip from resource by option.
  • Update. Scanner. Hidden the listing backups and quarantine directories.
  • Update. Scanner. Added check line length and mark of unreadable.
  • Update. Scanner. Shell commands detection updated.
  • Fix. Notice. Show review banner only administrator.
  • Fix. Helpers. Data. Ignore unlink warnings.
  • Fix. Scanner. Delete row from analysis log.
  • Fix. Settings. Additional exclusions ruleset fixes.

2.120 Oct 09 2023

  • New. Scanner. Automatic send of critical files.
  • New. Scanner. Detecting shell commands into backticks implemented.
  • New. Scanner. Allow to send unknown files for analysis.
  • New. General. New readme and screenshots.
  • Update. Browser sign. Updated sign make logic, and count of remembered devices.
  • Update. Scanner. DANGER files moved to SUSPICIOUS accordion.
  • Update. Scanner. Improve view of suspicious code.
  • Fix. Scanner. Request an audit button fixed.
  • Fix. Scanner. Analysis log fixed.

2.119 Sep 25 2023

  • Fix. Scan. Improve directory filter.
  • New. Admin. Dashboard widget implemented.
  • Fix. Settings. Description about additional headers has been updated.
  • Mod. Heuristic package update. System function shell_exec() now gains “critical” severity.
  • Fix. FireWall. BruteForce protection fixed.
  • Fix. Scanner. Ot extensions support added.
  • Fix. Scanner results. Approved category updated.
  • Fix. System function shell_exec() now gains “critical” severity.
  • Fix. AMP integration
  • Fix. Security log. Security logs description fixed.
  • Fix. Scanner. Disapproving files fixed.
  • Fix. Scanner. Remove disapproving button for approved by CT.

2.118 Sep 11 2023

  • Upd: Scan. Added .ott files for scanning.
  • Fixed spbc_scanner__get_cure_log_data()
  • New. Settings. Drop state data to defaults and remove all the cron tasks on empty key entered.
  • Fix. Extended search for malware with SQL quotes (“).
  • Fix. From heuristic package. Entropy fix.
  • Fix to found superglobals in the code without semicolones
  • Empty key actions
  • Fixed Security Audit Banner, added this to Suspicious
  • Update. Firewall. Table save last 20 rows after send logs, instead of delete all.
  • Fix. Scanner. Unknown section fixed.

2.117 Aug 28 2023

  • New: Settings. Add ability to change admin email.
  • New: Heuristics. Detect super variables in the system commands.
  • New: Show different types of weakspots in severity order.
  • Upd: Scan. Find and show all malwares in Frontend Malware accordion.
  • Upd: Security. Improve security logs view.
  • Upd: Scan. Unset approved by ct status if no hash in list.
  • Upd: Scan. Added .otc files for scanning.

2.116 Aug 14 2023

  • New: WL. Added constants for custom description and FAQ link.
  • Fix: FW. Delete all lines after send fw logs.
  • Fix: WL. Support link in errors.
  • Fix: WL. Email 2FA fixed.
  • Fix: WL. Fixed block pages.
  • Fix: WL. There is no Templates if WL is active.

2.115 July 31 2023

  • New: Firewall. Protect login from brute force even if expired key.
  • New: Scanner. Added extensions to find malware.
  • Fix: Whitelabel. Added rules for check brand info.
  • Fix: Front Scanner. Fixed modal view suspicious code for drive by download malware.
  • Fix: General. Check response code on file delete.
  • Fix: Scanner. Bulk actions fixed and improved.
  • Fix: Scanner. Entropy analyse – Index invalid or out of range.
  • Ref: General. WP 6.3 compatibility. Fixed version checking before scanner run.
  • Ref: Rename login URl. For new instances default new login page rename.
  • Ref: Scanner. Accordeon fields custom length.

2.114 July 17 2023

  • New: Scanner. Added pop up with info how to fix file listening and unsafe permissions.
  • New: SecFW. Manage Firewall as option and refactored clear …