Webmaster Security

Do nulled scripts contain malware?

Submitted by leemonadestand, , Thread ID: 130912

Thread Closed

RE: Do nulled scripts contain malware?

#23
19-05-2019, 10:52 PM
tonyhawk Wrote:
Of course some nulled scripts contain backdoors - not so sure about malware - although it is possible.

There are some tools that analyze malware. For Wordpress it can be hit or miss. Because its so widely used, it's honestly one of the highest targeted softwares out there. I recently cleaned a client site that was infected with a botnet payload throughout many of the website core files.

Sucuri offers pretty good products and Wordpress firewall. They have a monthly plan that you can check out. Also Wordfence has been a great plugin for scanning files I've found. It helped me fine a lot of tricky stuff like where they scrolled far over or far down to hide encrypted strings in the php code. But yeah - it's a constant battle. If you want peace of mind, I'd suggest paying. I used to use vbulletin from vbteam for years and never had issues. I guess it depends on the team that is providing the null. Always check to see who is posting and look at their reputation.

Also another tool I highly recommend if you're running a vps or dedicated server is bitninja.io. Their WAF is great, as well as their server firewall and security.

21-05-2019, 12:03 AM
tonyhawk Wrote:
Yes, they scan for malicious code - backdoors being one of those.



Web Application Firewall.


Tonyhawk do you know of a scanner that can scan through scripts that aren't Wordpress plugins?

I have heard of others that got attacked... It's no fun trying to restore years of work.

Users browsing this thread: 1 Guest(s)