Comments (3)
akenion
commented on July 19, 2024
Additionally, the help messaging should be updated to indicate that only files matching certain patterns are scanned by default.
from wordfence-cli.
akenion
commented on July 19, 2024
The above PR also implements a shorthand -a flag as an alias for --include-all-files.
from wordfence-cli.
ewodrich
commented on July 19, 2024
Verified the changes are working as expected including the following:
- new command
β-include-all-filesand-adisplays in βhelp as expected, and that the help mentions "By default, only files matching certain extensions are scanned" - Scanning with
--include-all-filesworks as expected, without error. Also compared the number of files scanned using this option vs the total number of files skipped + total number of files scanned with default settings equal the same totals. - Scanning with
-aworks as expected, without error. Also compared the number of files scanned using this option vs the total number of files skipped + total number of files scanned with default settings equal the same totals. - Additional testing completed with new options that includes
- with Free key
- with Premium key
- scanning recursive symlinks work as before (see note below)
-aand--include-all-filesproduce the same number of files--include-files-pattern=.*produces same result as-a--include-filescontinues to work as intended--exclude-filescontinues to work as intended- using
-ain combination with--exclude-files-patternor--exclude-filesworks as anticipated by scanning all files except those defined to be excluded - results route to
--output-path
While testing this case, opened Case #74 for a new finding when scanning a directory with a symlink pointing above the target directory either producing an error or placing the scan into a loop.
from wordfence-cli.
Related Issues (20)
- Symlink detection, warning and scanning are not working as intended HOT 4
- Valid args placed in wordfence-cli.ini file result in "Ignoring unknown config setting" message even though they work HOT 2
- Supplying either -i (--include-vulnerability) or -e (--exclude-vulnerability) with a CVE ID with capital letters results in warning message "Unrecognized vulnerability identifier" HOT 1
- Mac: Error when using -x and -n options to include or exclude file(s) HOT 1
- Improve symlink handling for vuln-scan HOT 4
- Build RPM package HOT 2
- Add subcommand to count number of WordPress installations HOT 9
- Scanning directory containing sibling symlinks results in files being scanned multiple times HOT 3
- Scanning for sites with count-sites or vuln-scan on Mac fails when symlinks are present HOT 2
- Add status and error column to non-human output for all applicible subcommands
- Add number of sites scanned to the end of vuln-scan results
- Clarify error message in the event a scan does not complete due to IO error HOT 5
- Result queue can fill up causing malware scans to hang
- Feature: First Scan, Incremental Scan and On-demand Scan HOT 2
- Input from stdin isn't processed until an entire chunk is available HOT 1
- New Wordfence CLI install produces "Latin-1" UnicodeEncodeError HOT 11
- CLI misses malware reported by plugin HOT 2
- Implement vectorscan support to improve malware scan performance HOT 9
- On MacOS, when you remediate one or more files and enable debug logging, FileType.<TYPE> is output HOT 1
- Feature Request: Add argument to skip api.github.com version check HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wordfence-cli.