menu

SlickStack

A free LEMP stack automation script written in Bash designed to enhance and simplify WordPress provisioning, performance, and security.

Channels
Team

Hello, there is false-positive in one script

January 29, 2020 at 9:05am

January 29, 2020 at 12:07pm
Thanks for stopping by and reporting this to us. Do you mind creating a new Issue on the GitHub repo instead of posting in our chat room, since this is a technical issue? https://github.com/littlebizzy/slickstack/issues
  • reply
  • like
As a quick reply, that line is commented out in our ss-clean script because we weren't sure what is was, yes we should probably have a new section called e.g. "Possible malware" or "unknown source" etc
  • reply
  • like
As far as database access scripts, we simply don't want them in SlickStack builds for security/stability reasons, there are countless examples of such scripts being either exploited or not working properly in the WP framework (some have been actively banned from WordPress.org for security reasons)
  • reply
  • like
It simply adds a huge array of security and stability concerns for a script that is easily accessed directly instead, which also allows PHP and the server to properly manage it (instead of relying on WP environment)
  • reply
  • like
Anyway keep in mind that anyone can fork our project or use a "different" blacklist.txt file if they wish, thanks!
  • reply
  • like

January 29, 2020 at 7:40pm
thanks for suggestion, i've opened the issue there. (btw, even though you might disallow "phpmyadmin" (which I have secured and took care for authentication), there is my second concern about our library file (which is not phpmyadmin).
  • reply
  • like