Exclude files from scan not working

  • Resolved Luke

    (@danceyrselfclean_admin)


    5 years, 5 months ago

    I am trying to exlude certain files from my scan, I have tried all sorts of wildcard combinations but nothing seems to target it.

    None of the following will exclude anything despite there being about 30 files in that folder:
    wp-content/uploads/2018/12/*
    wp-content/uploads/2018/12*
    wp-content/uploads/2018/*
    wp-content/uploads/2018*

    wp-content/uploads/* works but I don’t want to exclude the entire uploads folder. I’ve spent hours over the past 6 months trying to find a solution to this but with no luck.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Luke

    (@danceyrselfclean_admin)

    Even rules such as the following don’t work:
    *.jpg
    *.png
    *.pdf

    Whereas something like wp-content/* will.

    Thread Starter Luke

    (@danceyrselfclean_admin)

    Tested on a completely fresh install.

    If I exclude the following it will scan 287 files
    wp-content/plugins/*
    wp-content/themes/*
    wp-content/wflogs/*
    wp-content/uploads/*
    wp-content/index.php
    wp-content/test.php
    wp-admin/*
    wp-includes/*

    However the following excludes don’t do anything:
    wp-content/index.php
    wp-content/uploads/*

    The index.php within wp-content exists so I’m not sure why that can’t be exluded, I created a test.php file in the same folder, with the same contents and permissions, yet that test.php file can be excluded.

    In the uploads folder there is a 2019 folder with 09 inside of it, then there are 20 image files. None of these are excluded.

    It should be excluding an extra 21 files bringing the total scanned down to 266.

    There seems to either be a bug with exclusion or I am missing something here.

    Are images excluded by default so they will only be scanned if the following option is ticked? Scan images, binary, and other files as if they were executable

    I have been basing the scanned files total on the assumption that images are scanned by default, I’ve not seen it mentioned anywhere in the documentation.

    If that is the case then that explains why my exclusions for images in the uploads folder isn’t working.

    However I still can’t figure out why wp-content/index.php doesn’t work.

    • This reply was modified 5 years, 5 months ago by Luke.
    Plugin Support wfphil

    (@wfphil)

    Hi @danceyrselfclean_admin

    It appears that you are determining successful or non-successful scan exclusions by looking at the scan activity log line Scan Complete. Scanned xxxx files..., that you see at the end of a scan (where xxxx is the number of files).

    You mentioned these three file types:

    JPG
    PNG
    PDF

    The scanner won’t scan those file types unless the option Scan images, binary, and other files as if they were executable is enabled.

    With regards to your exclusion rules when you said, “wp-content/uploads/* works” I have two questions:

    1) Are you determining that from the scan activity log line Scan Complete. Scanned xxxx files...?

    2) Are there any PHP or JavaScript files in any sub-directories of the wp-content/uploads directory?

    Naturally the exclusion rule wp-content/* will work and show a lower file count because the scan will exclude all PHP and JavaScript files located in theme and plugin directories for example.

    I can confirm that the exclusion rule wp-content/index.php does not work so I have asked the team about this.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Exclude files from scan not working’ is closed to new replies.