Re: URI_WPADMIN fp

2018-10-19 Thread John Hardin
On Fri, 19 Oct 2018, Bill Cole wrote:

On 19 Oct 2018, at 9:37, Alex wrote:

Hi, Should we be adding 3 points for just this, or is there never a reason users should be using /wp-admin in their URLs?

The score is coming out of RuleQA, so the score is derived empirically, not by a logical

Re: URI_WPADMIN fp

2018-10-19 Thread John Hardin
On Fri, 19 Oct 2018, Alex wrote:

Should we be adding 3 points for just this, or is there never a reason users should be using /wp-admin in their URLs?

Oct 19 09:33:11.561 [1299] dbg: rules: ran uri rule __URI_WPADMIN ==> got hit: "/wp-admin/images/"

The rule description says possible

Re: URI_WPADMIN fp

2018-10-19 Thread Paul Stead
Great info - I think the other WP rules I co-wrote in the rules base conform to this convention - I'll double check

Paul

On 19/10/2018, 20:36, "Charles Sprickman" wrote:

> On Oct 19, 2018, at 10:15 AM, Paul Stead wrote:
>
> Can't comment on the score - hacked Wordpress sites

Re: URI_WPADMIN fp

2018-10-19 Thread Charles Sprickman
> On Oct 19, 2018, at 10:15 AM, Paul Stead wrote:
>
> Can't comment on the score - hacked Wordpress sites often have bits hosted in
>
> * wp-admin

Yes.

> * wp-content

Yes and no. Everything that a user uploads for their site lives under wp-content, so any rule triggering on that part of

Re: URI_WPADMIN fp

2018-10-19 Thread Bill Cole
On 19 Oct 2018, at 9:37, Alex wrote:

Hi, Should we be adding 3 points for just this, or is there never a reason users should be using /wp-admin in their URLs?

The score is coming out of RuleQA, so the score is derived empirically, not by a logical process based in arbitrary axioms. That

Re: URI_WPADMIN fp

2018-10-19 Thread Paul Stead
Can't comment on the score - hacked Wordpress sites often have bits hosted in

* wp-admin
* wp-content

Pages within these directories are publicly accessible, but it is very unusual for a WP plugin to reference these URIs directly in outbound emails

Paul

On 19/10/2018, 14:38, "Alex"

URI_WPADMIN fp

2018-10-19 Thread Alex
Hi, Should we be adding 3 points for just this, or is there never a reason users should be using /wp-admin in their URLs?

Oct 19 09:33:11.561 [1299] dbg: rules: ran uri rule __URI_WPADMIN ==> got hit: "/wp-admin/images/"

The rule description says possible phishing, but how would an end-user