Exclude wp-content Folders

[handsunc]

Hi, I noticed that in the setting
QuarantineExclude Folders|Files from being checked by AutoRestore

/plugins is automatically added, but doesn’t that prevent the quarantine from acting upon hacked plugins? Just wondering if I takie /plugins out will I get a bunch of false positives and better to just keep it in and hope plugins dont get hacked? Thanks!! Carin

[AITpro Admin]

Yes, the /plugins folder is excluded by default. The /plugins folder is protected by the BPS Pro Plugin Firewall feature.  So it is unnecessary to have AutoRestore|Quarantine check plugin files. You can of course remove the plugins folder exclusion rule. That choice is up to you, but you really don’t need to have AutoRestore|Quarantine checking plugin files. The rationale is this > in order for a hacker to be able to modify plugin folders your hosting account would have to already be hacked. Plugin files cannot be modified externally and can only be modified internally from within your hosting account or from your wp-admin dashboard. Typically a hacker will try to upload a file (hacker Shell script) to your website root folder and from there gain full control of your hosting account. ARQ protects your website root folder and other typical hacker file upload hosting account folders.

[Author]

Posts