en Functionality
Injections, exploits, viruses, malware, hacks - a common denominator: Sneaky infiltrated code. And this code has only one job: to be executed!
By using sophisticated techniques, every imaginable possibility is used to make the implanted code, the executed activity and the results unrecognizable - the trickbox of the attackers are groundless and manifold. As a blogger, it is extraordinarily difficult: If you are unintentionally a victim of an attack, you do not always recognize the serious infection and the nasty exploitation of the blog promptly.
Barely a blog operator inspects the source code of pages at regular intervals, in order to localize possibly automatically inserted and not infrequently hinded links to erotic and casino pages. Even the templates on the FTP server are rarely or ever been subjected to an optical monitoring - if a file is infected by the virus, the modification by third parties would only be noticed a while later, if at all.
In summary: injected pest hide themselves and their work. As a result, they act undetected and undisturbed over a longer period of time. Thereby causing enormous damage.
###Early warning system for WordPress### Well, the tragedy is described and understood: the damage would be enormous, if there is no immediately reaction after the attack. But how to become active, if a blog operator does not notice the infection - finally, the action does not announce itself? The first AntiVirus plug-in for WordPress makes a great and essential help with this problem: AntiVirus for WordPress checks relevant template files for possibly injected code. Optionally manual or automatic in the background.
After activating the AntiVirus for WordPress you can use the functionality of the plugin. The checkbox available under Settings switches automatic control sequences on or off: The templates of the WordPress theme used are scanned once a day for malicious sections. If suspicious code found, the administrator of the blog receives a notification via e-mail. Alternatively, any e-mail address can be left.
Automatic check in AntiVirus for WordPress
###Manual check### The manually initiated scan reads all the theme files immediately and evaluates the contents at the same time. The result is a list of files that have been checked. In the output, colors play a significant but self-explanatory role: green means "file without indication", red signals a warning - the suspect is highlighted yellow in the middle of the line.
If you are sure that a line is definitely not a threat, it can be muted by clicking on "There is no virus". When the next (automatic or manual) check is executed, this location in the code will be skipped.
Manual check of WordPress templates
###Google Safe Browsing### Since version 1.3.4, the plugin has a valuable opportunity to access the data of Google Safe Browsing. Once Google thinks the website has been infected and is a threat, the AntiVirus plugin will notice it and notify the blog administrator by e-mail. The email contains a link to the Google Safe Browsing Diagnostics page with more information.
###Helpful links for hacked websites:###
###Technical details### The AntiVirus plugin searches active templates for blocks that can indicate a virus initiated via code injection. Typically, there are commands for encoding, evaluating and executing string as a PHP code. Values from the option fields of the database are also used and will be analyzed.