Bitdefender warning on local XAMP instalation.

  • Resolved wpdevelop

    (@wpdevelop)


    1 year, 10 months ago

    Hello.

    Since yesterday my Bitdefender Antivirus, show this critical warning:

    Potentially malicious application blocked

Feature:
Advanced Threat Defense

Application whoami.exe has been detected as potentially malicious and was blocked.
Application path: C:\Windows\System32\whoami.exe
Command line parameters: whoami
Detection ID: SuspiciousBehavior.xxx....

    I have found that issue is cumming from this line in this file:

    ../wp-content/plugins/query-monitor/collectors/environment.php :

    $php_u = exec( 'whoami' ); // phpcs:ignore

    When I have commented it, then everything become fine.

    Kind Regards.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author John Blackbourn

    (@johnbillion)

    WordPress Core Developer

    You’ll need to follow the advice of your antivirus provider to get this fixed. whoami is a standard utility function that returns the name of your computer user account. If it’s being flagged by your antivirus then you’ll need to investigate why. Hopefully just a false positive but you never know!

    The simplest solution for Windows XAMPP is to edit your php.ini file and disable the exec funtion > disable_functions = exec. Most web hosts disable this function by default and typically these other functions as well: system, passthru

    Or you can create an exclusion for the Apache httpd.exe file. This is what Bitdefender sees > httpd.exe => cmd.exe => whoami.exe

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Bitdefender warning on local XAMP instalation.’ is closed to new replies.