
[Resolved] Removing Wappspector

jamie!

New Pleskian
Server operating system version
AlmaLinux 9.3
Plesk version and microupdate number
18.0.59
Wappspector is being picked up by security scanners. Of course they are false positives, but with the amount of servers, there are a ton. Ignoring/clearing the issues is a pain.

Is it possible to remove Wappspector -- and without unintended consequences?
 
Hi, the Wappspector feature is provided as a part of core Plesk functionality for now - it's impossible to remove.

But it's interesting to know more about the security scanners: could you please provide a more detailed description of the issue you faced? We want to improve it to avoid such issues.

Thank you in advance.
 
Hi Anthony,

All of the frameworks and versions are flagged in Wiz as out-of-date web apps with corresponding CVEs, since its method of detection is file path. We could certainly ignore them since they are false positives, but as you can imagine, there are a ton of these (attached screenshot). E.g.:

Code:
File /opt/psa/admin/plib/vendor/plesk/wappspector/test-data/wordpress/wordpress4.0/wp-includes/version.php version 4.0 is vulnerable to CVE-2017-9062, which exists in versions >= 4.0.0, <= 4.7.4.
 

Attachments

  • Screenshot 2024-03-18 at 10.33.15 AM.png (50.7 KB)
@Anthony Thank you for looking into this so fast! I really appreciate it. But while this will fix a few CVE findings, others won't be resolved because WP v4.9.25 is still out of date with CVEs. It's also the frameworks, and older versions, that Wiz is flagging as vulnerabilities. For example, CodeIgniter is flagged:

Code:
File /usr/local/psa/admin/plib/vendor/plesk/wappspector/test-data/codeigniter/4/vendor/codeigniter4/framework/system/CodeIgniter.php version 4.3.6 is vulnerable to CVE-2023-46240, which exists in versions >= 4.0.0, < 4.4.3.

I suspect the only way around this one is to change the file path which the Wiz scanner (and others) are looking for.
 

Attachments

  • Screenshot 2024-03-20 at 11.13.49 AM.png (144.6 KB)
  • Screenshot 2024-03-20 at 11.13.41 AM.png (174.6 KB)
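The findings quoted in this thread are produced by path-plus-version-string fingerprinting: the scanner sees a file named like `wp-includes/version.php` or `system/CodeIgniter.php`, reads the version constant out of it, and matches that version against CVE ranges, without caring whether the file is a served web application or a detection fixture shipped with a product. The script below is an added example, not Plesk's, Wappspector's or Wiz's code. It reproduces that fingerprinting over a directory tree and then separates hits whose path lies under the Wappspector `test-data` tree from hits under a real document root, so the fixture hits can be exported as a suppression list. The two fixture prefixes are an assumption taken from the paths quoted above (`/opt/psa` and `/usr/local/psa` are the same Plesk install), the version-constant patterns are the ones WordPress and CodeIgniter 4 actually use, and the sample files are constructed inline so the script runs offline.

```python
"""Added example: reproduce path + version-string fingerprinting and split
vendored test fixtures from live installs. Not Plesk/Wappspector/Wiz code."""
import os
import re
import tempfile
from dataclasses import dataclass

# Path pattern and version-constant pattern per application. The constants are
# the real ones: WordPress sets $wp_version in wp-includes/version.php and
# CodeIgniter 4 sets CI_VERSION in system/CodeIgniter.php.
FINGERPRINTS = {
    "wordpress": (
        re.compile(r"(^|/)wp-includes/version\.php$"),
        re.compile(r"\$wp_version\s*=\s*'([^']+)'"),
    ),
    "codeigniter": (
        re.compile(r"(^|/)system/CodeIgniter\.php$"),
        re.compile(r"const\s+CI_VERSION\s*=\s*'([^']+)'"),
    ),
}

# ASSUMPTION: fixture trees, taken from the two paths quoted in the thread.
FIXTURE_PREFIXES = (
    "/opt/psa/admin/plib/vendor/plesk/wappspector/test-data/",
    "/usr/local/psa/admin/plib/vendor/plesk/wappspector/test-data/",
)

# Constructed sample tree, keyed by path relative to the logical root "/".
SAMPLE_FILES = {
    "opt/psa/admin/plib/vendor/plesk/wappspector/test-data/wordpress/wordpress4.0/wp-includes/version.php":
        "<?php\n$wp_version = '4.0';\n",
    "usr/local/psa/admin/plib/vendor/plesk/wappspector/test-data/codeigniter/4/vendor/codeigniter4/framework/system/CodeIgniter.php":
        "<?php\nnamespace CodeIgniter;\nclass CodeIgniter\n{\n    public const CI_VERSION = '4.3.6';\n}\n",
    # A current site under a vhost document root: a real hit, not a fixture.
    "var/www/vhosts/example.com/httpdocs/wp-includes/version.php":
        "<?php\n$wp_version = '6.4.3';\n",
    # Name matches the path pattern but carries no version constant: no hit.
    "var/www/vhosts/example.com/httpdocs/notes/wp-includes/version.php":
        "<?php\n// placeholder, no version constant\n",
}


@dataclass
class Hit:
    path: str        # logical (on-host) path
    app: str
    version: str
    is_fixture: bool


def fingerprint_file(real_path, logical_path):
    """Return (app, version) when the file name and contents match a marker."""
    for app, (path_re, version_re) in FINGERPRINTS.items():
        if not path_re.search(logical_path):
            continue
        with open(real_path, encoding="utf-8", errors="replace") as fh:
            match = version_re.search(fh.read())
        if match:
            return app, match.group(1)
    return None


def is_fixture(logical_path):
    """True when the path sits inside one of the vendored test-data trees."""
    return any(logical_path.startswith(p) for p in FIXTURE_PREFIXES)


def scan_tree(root, logical_root="/"):
    """Walk `root`, reporting each file as if the tree were mounted at
    `logical_root`, so a temporary sample tree can stand in for a host."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            real = os.path.join(dirpath, fname)
            rel = os.path.relpath(real, root).replace(os.sep, "/")
            logical = logical_root.rstrip("/") + "/" + rel
            found = fingerprint_file(real, logical)
            if found:
                app, version = found
                hits.append(Hit(logical, app, version, is_fixture(logical)))
    return sorted(hits, key=lambda h: h.path)


def suppression_list(hits):
    """Paths to hand to the scanner's ignore rules: fixture hits only."""
    return [h.path for h in hits if h.is_fixture]


def build_sample_tree(root):
    for rel, body in SAMPLE_FILES.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)


def run_demo():
    """Build the constructed tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return scan_tree(tmp, logical_root="/")


if __name__ == "__main__":
    for hit in run_demo():
        kind = "fixture (suppress)" if hit.is_fixture else "live install (triage)"
        print(f"{hit.app} {hit.version}: {hit.path} -> {kind}")
```

Run against a real host, `scan_tree("/")` replaces the sample tree; the point of the split is that a fixture hit proves only that Wappspector ships a reference copy of an old version string, while a hit under a vhost document root is a version the server actually serves and still needs triage. Moving or renaming the fixtures, as suggested above, would defeat the path pattern but not a scanner that keys purely on file contents.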