<?php
// Direct calls to this file are Forbidden when core files are not present
if ( ! current_user_can('manage_options') ) {
header('Status: 403 Forbidden');
header('HTTP/1.1 403 Forbidden');
exit();
}
/** MScan **/
$bps_modal_content1 = '<strong><font color="blue">'.__('For more extensive help info and answers to common issues or problems click the MScan Malware Scanner Guide link above. For troubleshooting help or to post suspicious code click the MScan Troubleshooting & Code Posting link above.', 'bulletproof-security').'</font></strong>
<br><br><strong>'.__('MScan General Info', 'bulletproof-security').'</strong><br>'.__('MScan scans WP Core, Plugin and Theme files using file hash comparisons, which is 100% accurate vs conventional pattern matching, which is typically around 75% - 85% accurate. MScan scans all other website files (non-WordPress files) using conventional pattern matching scanning. The pattern matching code is much more extensive in MScan and will hopefully achieve a 95% or higher detection rate. False positives are inevitable when using conventional pattern matching scanning, but since MScan uses file hash comparison scanning for all WP Core, Plugin and Theme files then there will not be any false positives detected for any/all WordPress files (WP Core, Plugins and Themes). MScan automatically downloads WordPress, Plugin and Theme zip files, extracts the zip files, creates file hashes for all files and then deletes the zip files and all extracted folders and files. WP Core, Plugin and Theme zip downloads only occur on the first MScan scan or when a new WordPress, Plugin or Theme version is installed/updated or when the Delete File Hashes Tool is used.', 'bulletproof-security').
'<br><br><strong>'.__('File Hash Maker', 'bulletproof-security').'</strong><br>'.__('If new WP Core, Plugin or Theme zip files need to be downloaded and processed you will see the see the "File Hash Maker Time Remaining: 00:00:00: Downloading and extracting zip files" scan status. Once the File Hash Maker has completed it will display the number of zip files processed. Click the Start Scan button after the File Hash Maker has completed to scan files. Note: File scanning does not occur when the File Hash Maker is running to prevent false positive file hash mismatches.', 'bulletproof-security').
'<br><br><strong>'.__('Scanning Other WordPress Sites', 'bulletproof-security').'</strong><br>'.__('Website folder checkboxes cannot be checked for other WordPress sites under your hosting account. To scan other WordPress sites under your hosting account run MScan from each site. There are several technical reasons for doing this: Each site may have a different version of WordPress installed and different Plugins and Themes installed. MScan now uses file hash comparisons for each individual site based on the WordPress, Plugin and Theme versions installed on each individual website.', 'bulletproof-security').
'<br><br><strong>'.__('Calculating Scan Time Exceeded', 'bulletproof-security').'</strong><br>'.__('If you see "Calculating Scan Time Exceeded: Still calculating estimated scan time" this means that the current scan time estimate is taking longer than expected. The scan will still complete successfully.', 'bulletproof-security').
'<br><br><strong>'.__('Processing Total File Count', 'bulletproof-security').'</strong><br>'.__('If you see "Processing Total File Count: Still scanning files" that means that the current scan that you are running has not yet processed the total number of files to scan yet. The scan will complete successfully.', 'bulletproof-security').
'<br><br><strong>'.__('Error: Files found in the plugin-hashes folder', 'bulletproof-security').'</strong><br>'.__('If you see "Total Files Scanned: Error: Files found in the plugin-hashes folder" that means that files (and probably folders too) were found in the /wp-content/bps-backup/plugin-hashes/ folder. This problem could be caused by uploading a plugin zip file that does not extract the entire plugin folder and instead extracts individual plugin folders and files. To fix this problem you will need to use FTP or your web host control panel file manager and delete all folders and files in the /plugin-hashes/ folder except for this file: plugin-hashes.php. To correctly make a plugin zip file that extracts the entire plugin folder you would right mouse click on the plugin folder, click "send to" and then click "Compressed (zipped) folder" on Windows.', 'bulletproof-security').
'<br><br><strong>'.__('Error: Files found in the theme-hashes folder', 'bulletproof-security').'</strong><br>'.__('If you see "Total Files Scanned: Error: Files found in the theme-hashes folder" that means that files (and probably folders too) were found in the /wp-content/bps-backup/theme-hashes/ folder. This problem could be caused by uploading a theme zip file that does not extract the entire theme folder and instead extracts individual theme folders and files. To fix this problem you will need to use FTP or your web host control panel file manager and delete all folders and files in the /theme-hashes/ folder except for this file: theme-hashes.php. To correctly make a theme zip file that extracts the entire theme folder you would right mouse click on the theme folder, click "send to" and then click "Compressed (zipped) folder" on Windows.', 'bulletproof-security').
'<br><br><strong>'.__('Start Scan', 'bulletproof-security').'</strong><br>'.__('Clicking the Start Scan button starts a scan.', 'bulletproof-security').
'<br><br><strong>'.__('Stop Scan', 'bulletproof-security').'</strong><br>'.__('Clicking the Stop Scan button stops a scan. You can also deactivate and activate the BPS Pro plugin on the WordPress Plugins page to stop a scan.', 'bulletproof-security').
'<br><br><strong>'.__('Reset MScan', 'bulletproof-security').'</strong><br>'.__('The Reset MScan button resets/deletes these things: MScan Status option values: The Scan Completed timestamp, Total Scan Time, Total Files Scanned, Skipped Files, Suspicious Files and Suspicious DB Entries status values will be deleted and will either display blank or 0. The scan data in the View|Ignore|Delete Suspicious Files and View|Ignore Suspicious DB Entries Forms will be deleted.', 'bulletproof-security').
'<br><br><strong>'.__('Website Folders & Files To Scan', 'bulletproof-security').'</strong><br>'.__('Checking a checkbox means scan that folder. Unchecking a checkbox means do not scan that folder. "Giving WordPress Its Own Directory" site types: All scannable parent folders will be listed along with your WP installation folders. Both parent folders and files and WP installation folders and files that you select/check will be scanned. All other site types: All folders in your WP installation folder will be listed. All folders and files in your WP installation folder that you select/check will be scanned.', 'bulletproof-security').
'<br><br><strong>'.__('Max File Size Limit to Scan', 'bulletproof-security').'</strong><br>'.__('Files that are larger than the default file size setting of 1000KB will be skipped by default in a regular scan and can be scanned using a Skipped File scan. You can change the max file size limit option setting to a larger max file size limit.', 'bulletproof-security').
'<br><br><strong>'.__('Max Time Limit to Scan', 'bulletproof-security').'</strong><br>'.__('The default time limit for script execution on most web hosts is 300 seconds. The default time limit setting for MScan scanning is also set to 300 seconds. It is not recommended that you increase the time limit higher than 300 seconds.', 'bulletproof-security').
'<br><br><strong>'.__('Exclude Individual Folders', 'bulletproof-security').'</strong><br>'.__('Enter relative folder paths one folder path per line. A relative folder path is this: /some-folder/some-subfolder. A literal path would be the full server path: /xxxxx/xxxxx/public_html/wordpress/some-folder/some-subfolder. Important Note: Add at least 2 folders in the path. The reason for that is if you just enter 1 folder name/path it could match other folder names somewhere else under your website folders. Example: If you only entered The folder path/name /cache/ it would match all folders named /cache/. If you add the folder name/path: /wp-content/cache/ it would only match this particular cache folder under the wp-content folder.', 'bulletproof-security').
'<br><br><strong>'.__('Scan Database', 'bulletproof-security').'</strong><br>'.__('When Database scan is turned on your WordPress database will be scanned for suspicious code.', 'bulletproof-security').
'<br><br><strong>'.__('Scan Skipped Files Only', 'bulletproof-security').'</strong><br>'.__('Skipped files are files that are larger than the "Max File Size Limit to Scan" option setting file size. The default file size setting is 400KB. When Skipped File Scan is On only skipped files will be scanned. Note: No other MScan option settings have any effect while Skipped File Scan is set to On.', 'bulletproof-security').
'<br><br><strong>'.__('Automatically Delete /tmp Files', 'bulletproof-security').'</strong><br>'.__('When Delete Tmp Files is On, all temporary files will be deleted. Hackers commonly hide hacker files in the /tmp folder.', 'bulletproof-security').
'<br><br><strong>'.__('Exclude /tmp Files', 'bulletproof-security').'</strong><br>'.__('Enter 1 file name per line. Some web hosts store files such as, mysql.sock, .s.PGSQL.5432 and .per-user in the /tmp folder. These files cannot be deleted by MScan, but attempting to delete these files will generate php errors. To prevent php errors from occurring you would exclude files such as these using the MScan Exclude /tmp files option setting. You will need to ask your web host for the names of those tmp files to exclude.', 'bulletproof-security').
'<br><br><strong>'.__('Scheduled Scan Frequency', 'bulletproof-security').'</strong><br>'.__('You can choose to schedule ongoing automated scans. Note: The BPS Pro ARQ IDPS scanner is far superior to any/all Malware scanners including BPS Pro MScan. You can of course use both ARQ IDPS and MScan scheduled scans together.', 'bulletproof-security').
/* This tool causes buggy problems on Live hosted sites. This tool is no longer needed anyway. Either fix the bugs or nuke it.
'<br><br><strong>'.__('Scan Time Estimate Tool', 'bulletproof-security').'</strong><br>'.__('You can stop the scan time estimate if it hangs or is taking too long by clicking the Stop Scan button. This tool allows you to check the estimated total scan time of a scan based on your MScan option settings without actually performing/running a scan. Note: This tool does not affect or change any previous scan results except for the Total Scan Time, which will be changed to the estimated scan time. Example Usage: You can check or uncheck Hosting Account Root Folders checkboxes and change any other MScan option settings, save your MScan option settings and then run the Scan Time Estimate Tool to get the total estimated time that the actual scan will take. Note: This tool fully simulates an actual scan.', 'bulletproof-security').
*/
'<br><br><strong>'.__('Delete File Hashes Tool', 'bulletproof-security').'</strong><br>'.__('This tool allows you to delete the Plugin and Theme file hashes. This tool should ONLY be used if there is a problem when scanning Plugin and Theme files. Usages: If you downgrade a plugin to an older version then use this tool to delete Plugin and Theme file hashes. If the MScan file hash comparison results display a large number of Plugin or Theme files as suspicious: Example: Suspicious|Modified|Unknown Plugin or Theme file then use this tool to delete all Plugin and Theme file hashes. After using this tool, the next MScan scan that you perform will download new Plugin and Theme zip files, extract them, make new Plugin and Theme file hashes and then delete the zip files. Important Note: You should also click the MScan Reset button after using this tool to remove any old/bad scan data.', 'bulletproof-security').
'<br><br><strong>'.__('Upload Plugin Zip Files', 'bulletproof-security').'</strong><br>'.__('You can upload multiple zip files at the same time by using your Ctrl or Shift keyboard keys on Windows. This upload form allows you to upload premium, paid and custom plugin zip files that are not in the WordPress Plugin Repository on wordpress.org. MScan will automatically extract any uploaded plugin zip files, create file hashes and delete the plugin zip files on the next MScan scan. If you do not choose to upload premium, paid and custom plugin zip files then those premium, paid and custom plugin files will not be scanned. Important Note: Plugin zip files MUST be named/renamed using the version number in this exact format: plugin-name.x.x.zip where x is the actual current plugin version number. The reason for that is MScan keeps track of the version numbers for plugins in order to create new plugin file hashes for newer versions of plugins when you update them. This process is completely automated for any/all free plugins that you have installed from the WordPress Plugin Repository on wordpress.org. Important Note: Some plugin zip files in the WP Plugin Repository are not named with a version number. If you would like to scan those plugins you will need to download the plugin zip file and rename it using this exact format: plugin-name.x.x.zip and then upload the renamed plugin zip file.', 'bulletproof-security').
'<br><br><strong>'.__('Upload Theme Zip Files', 'bulletproof-security').'</strong><br>'.__('You can upload multiple zip files at the same time by using your Ctrl or Shift keyboard keys on Windows. This upload form allows you to upload premium, paid and custom theme zip files that are not in the WordPress Theme Repository on wordpress.org. MScan will automatically extract any uploaded theme zip files, create file hashes and delete the theme zip files on the next MScan scan. If you do not choose to upload premium, paid and custom theme zip files then those premium, paid and custom theme files will not be scanned. Important Note: Theme zip files MUST be named/renamed using the version number in this exact format: theme-name.x.x.zip where x is the actual current theme version number. The reason for that is MScan keeps track of the version numbers for themes in order to create new theme file hashes for newer versions of themes when you update them. This process is completely automated for any/all free themes that you have installed from the WordPress Theme Repository on wordpress.org. Important Note: Some theme zip files in the WP Theme Repository are not named with a version number. If you would like to scan those themes you will need to download the theme zip file and rename it using this exact format: theme-name.x.x.zip and then upload the renamed theme zip file. Child Themes are a custom Theme. Zip a known good/clean copy of your Child Theme folder and upload it if you would like your Child Theme files scanned. Use the same zip file naming convention: theme-name-child.x.x.zip.', 'bulletproof-security').
'<br><br><strong>'.__('View|Ignore|Delete Suspicious Files', 'bulletproof-security').'</strong><br>'.__('This form allows you to view, ignore, unignore or delete suspicious and skipped files. If you are not sure if code is malicious or safe you can copy the code and post the code in the MScan Troubleshooting & Code Posting forum topic. See the link above. If you are unsure if a file is a hacker file or not then download a copy of that file before deleting it. When you ignore a file it will no longer be scanned in any future scans. When you unignore an ignored file it will be scanned in future scans.', 'bulletproof-security').
'<br><br><strong>'.__('View|Ignore Suspicious DB Entries', 'bulletproof-security').'</strong><br>'.__('This form allows you to view, ignore or unignore suspicious DB Entries. Note: The view option displays the DB Table, Column, Row ID and the MScan Pattern Match that was detected by the MScan scan. Use phpMyAdmin or a similar tool to check your database Row where the suspicious code was found. When you ignore a DB Entry it will no longer be scanned in any future scans. When you unignore an ignored DB Entry it will be scanned in future scans.', 'bulletproof-security');
/** MScan Log **/
$bps_modal_content2 = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br><strong>'.
__('MScan Log General Information', 'bulletproof-security').'</strong><br>'.__('Your MScan Log file is a plain text static file and not a dynamic file or dynamic display to keep your website resource usage at a bare minimum and keep your website performance at a maximum. Log entries are logged in descending order by Date and Time. You can copy, edit and delete this plain text file. You can choose Display & Alert Options Email Alerting & Log File Options to automatically email your MScan Log file to you and delete it when it reaches a certain size (256KB, 500KB or 1MB).', 'bulletproof-security').
'<strong><br><br>'.__('MScan Logging', 'bulletproof-security').'</strong><br>'.__('Logs extensive details about each scan that you run.', 'bulletproof-security').
'<strong><br><br>'.__('MScan Log File Size', 'bulletproof-security').'</strong><br>'.__('Displays the size of your MScan Log file. If your log file is larger than 2MB then you will see a Red warning message displayed: The Display & Alert Options Email Alerting & Log File Options will only send log files up to 2MB in size. Copy and paste the MScan Log file contents into a Notepad text file on your computer and save it. Then click the Delete Log button to delete the contents of this Log file.', 'bulletproof-security').'<br><br><strong>'.__('MScan Log Last Modified Time', 'bulletproof-security').
'</strong><br>'.__('The Reset Last Modified Time in DB option/feature is completely automated and does not require any manual steps performed by you.', 'bulletproof-security').
'<br><br><strong>'.__('Delete Log Button', 'bulletproof-security').'</strong><br>'.__('Clicking the Delete Log button will delete the entire contents of your MScan Log File. If you have setup Display & Alert Options Email Alerting & Log Options then the only time you would probably need to use the Delete Log button is if your MScan Log file exceeds 2MB in size.', 'bulletproof-security');
/** MScan Report **/
$bps_modal_content3 = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br><strong>'.
__('MScan Report General Information', 'bulletproof-security').'</strong><br>'.__('After running a scan your extensive scan results data is displayed on this tab page. If you would like to save your scan results data click the Save MScan Report button. You can save up to 20 scan reports. You can view or delete scan reports on the MScan Saved Reports tab page using the MScan Saved Reports Form.', 'bulletproof-security').
'<br><br><strong>'.__('No File Hashes for This Plugin or No File Hashes for This Theme', 'bulletproof-security').'</strong><br>'.__('If you see either of these status messages under Plugin File Hashes or Theme File Hashes then go to the main MScan tab page, click the MScan Question Mark help button and read the "Upload Plugin Zip Files" or "Upload Theme Zip Files" help section.', 'bulletproof-security');
/** MScan Saved Reports **/
$bps_modal_content4 = '<strong>'.__('This Question Mark Help window is draggable (top) and resizable (bottom right corner)', 'bulletproof-security').'</strong><br><br><strong>'.
__('MScan Saved Reports General Information', 'bulletproof-security').'</strong><br>'.__('You can save up to 20 scan reports. You can view or delete scan reports. If you would like to view a saved scan report select the View Report checkbox for the scan report you would like to view and click the View|Delete Reports button. Scan report data is displayed below the MScan Saved Reports Form. If you would like to delete a saved scan report select the Delete Report checkbox for the scan report you would like to delete and click the View|Delete Reports button. Refresh/reload the MScan Saved Reports tab page when deleting scan reports to see the current MScan Saved Reports Form data.', 'bulletproof-security');
?> |