jvoisin/php-malware-finder

Updated whitelists?

Kramerican opened this issue · 3 comments

Using the -u switch just grabs the whitelists from the master branch here. Which would be fine if they were being kept updated.

I mean, WP is at version 4.9.1 which results in quite a few false positives on a clean install.

There is no repository for updated whitelists? It seems to me it should be trivial to set up an automated workflow with WP-CLI on some cloud provider in order to fetch a fresh WP whenever there is a new version and generate a whitelist automatically.

So, I guess this is a feature request?

I tried generating my own whitelist for v4.9.1 but I get the following (Ubuntu 16.04):

```
apt install python-yara -y
[...]
~#: ./generate_whitelist.py wordpress491 /var/www/html
Traceback (most recent call last):
  File "./generate_whitelist.py", line 30, in <module>
    matches = rules.match(fname, fast=True)
yara.Error: could not map file "/var/www/html/wp-login.php" into memory
```

If you could assist with the above error, maybe I can assist in building an automated system for generating whitelists for WordPress (I am a devops at a cloud VPS provider, so I can automate the setup of a clean environment and host the resulting whitelist files, if you wish ...)

Regarding the whitelist issue: It should be noted that - as you can see - I installed python-yara as a package and did not compile it myself, and that the server is a Linux Container (LXD) instance. I suspect it's an environment / config thing, possibly.

I'll try on a fresh instance, once I have time, and compile python-yara myself and see what happens.

Sorry for being "a bit" long in answering... I just tried to generate the same whitelist as you did, and generation works well on my machine (however, I'm not using the same env as you). Did you have a chance to test this on a fresh instance? Are you still having the issue?

Issue has been stale for more than a year and can't be reproduced, closing it.