New to the community? Start here

[Defender Pro] Improvement on Defender Malware Log

0

Two important UI/UX fixes:

1. on the malware log take the user to the suspicious line of code. Also add a button to go to it directly (or in the case of multiple lines to go to next/previous). It currently takes a lot of time of frustration to find it.

2. on the ignore list, allow seeing the same info regarding the issue on click (file path, the code and suspicious line).

Cheers!

Mon, 1 Feb 2021 18:43:19
More Defender Pro discussions
Defender Pro
  • Tony G
    • Mr. LetsFixTheWorld

    Hey Chip – I think your first point is related to a post I made. The scrollbar does have a yellow indicator to tell us where an issue is. The problem is that the code is not properly color-coded. If they fix that, then the difficulty with figuring out the code line/issue goes away. Agreed?

    About the ignore list : I have never commented on this but this is a good place. When we set a file to Ignore, we’re saying “the version in place now can be ignored”. But if that file is replaced with a subsequent update, and Defender is still ignoring it, we might miss a fix or even another issue that we would not want to ignore. I believe we should have an option to toggle: Remove from Ignore on Update. So if a plugin is updated and the same issue is there, the line might be different. And that’s my real point here – unless Defender re-evaluates a file, perhaps after an update, the line it previously reported might be different from the line that’s in there now. The best way to deal with this is to un-Ignore files and do a malware scan. Then you can easily see what is flagged by the current code.

    One could rightly/arguably suggest that it’s easier for us, the administrator, to just rescan a file that’s been ignored. That depends on how the scan code is written. Indeed it might be easy for DEV to do that. But if the scan code is buried in a loop where they are running through the entire site, then rather than asking them for a big change like this, personally I’d rather accept the small burden of unchecking a file and clicking Rescan. There is very little pain here and we don’t put any additional burden on our vendor.

    All that said, the requests are yours to make. I’m just suggesting that in this specific case we don’t actually need DEV to do anything more. The solution to the first issue is already in the queue and the solution to the second issue is already in our hands.

    HTH

  • Kris Tomczyk
    • Ex Staff

    Hi Chip Tony G

    I hope you are doing good today.

    As mentioned by Nithin here:
    https://wpmudev.com/forums/topic/defender-pro-malware-scan-report-does-not-highlight-code-red-green/#post-3868149 Defender Team is already working on some improvements in this section. Please note in past we this feature worked this way but it was removed because in some cases Defender needed to load large pieces of code to the dashboard and mark correct suspicious parts of code. This was causing high CPU and user complaints.

    Pointing files and display data on the Ignored list sounds reasonable. I will bring that to our Defender Team attention.

    Kind Regards,
    Kris