What are the best ways to test plugins for non-techies? I do tests with VirusTotal, but is it enough?
VirusTotal is a good idea, but there are snippets that might bypass virus verification, like outside requests disguised as API calls or downloaders disguised as important parts of a plugin/theme/app. One workaround for everyone, from rookie to expert programmers, is to keep yourself informed and updated on the latest programming exploits and, by extension, on any exploit that concerns your programming language (for most resources that would be PHP and JavaScript), and to check everything you use against these exploits/malicious code.
Edit: an example of malicious code I found in a plugin: it was doing API calls to the developer's website to check for updates, but in between these API calls there was a call to an IP that didn't belong to the developer, with "/api/update?n=<sitename>&p=<siteip>&k=<random md5 hash>", and a GET request and install from the same IP for a couple of malicious files that were installed in WordPress core.
Edit2: Another option for WordPress users is to use a security plugin that scans files for rootkits/shells/malware/backdoors, but don't bloat your website with too many, because they will slow it down or they'll block each other. A firewall with strict access rules to core folders and requests would also come in handy.
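
The check described in the answer above (an update call to an address that does not belong to the developer), as an added example that is not part of the original post: a small Python scanner that lists every hard-coded URL in a plugin's PHP/JS files and flags raw IP addresses and hosts outside the developer's known domains. The function names, the allowlist domain `example-plugin.test` and the sample PHP are constructed for illustration.

```python
import ipaddress
import re
from pathlib import Path
from urllib.parse import urlsplit

# http(s) URL literals in source text; stops at quotes, whitespace, brackets.
URL_RE = re.compile(r"""https?://[^\s'"<>)\\]+""", re.IGNORECASE)

def url_host(url):
    try:
        return (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return ""

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def host_allowed(host, allowed_domains):
    # Exact match or true subdomain only; "evil-example.test" must not pass.
    return any(host == d or host.endswith("." + d) for d in allowed_domains)

def scan_source(text, allowed_domains, filename="<memory>"):
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for url in URL_RE.findall(line):
            host = url_host(url)
            if is_ip_literal(host):
                findings.append((filename, lineno, "ip-literal", url))
            elif not host_allowed(host, allowed_domains):
                findings.append((filename, lineno, "unknown-host", url))
    return findings

def scan_plugin(plugin_dir, allowed_domains):
    findings = []
    for path in Path(plugin_dir).rglob("*"):
        if path.is_file() and path.suffix.lower() in {".php", ".js", ".inc"}:
            text = path.read_text(encoding="utf-8", errors="replace")
            findings += scan_source(text, allowed_domains, str(path))
    return findings

# Constructed sample: one update check to the developer, one to a bare IP
# (203.0.113.7 is a documentation-only address).
SAMPLE = '''<?php
$r = wp_remote_get("https://updates.example-plugin.test/api/version");
$x = wp_remote_get("http://203.0.113.7/api/update?n=" . $site . "&p=" . $ip);
'''
print(scan_source(SAMPLE, {"example-plugin.test"}, "sample.php"))
```

This only sees URLs written as plain strings; addresses built by concatenation or hidden in encoded blobs need manual review of the flagged file.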