re update coursepress pro 1.2.4.6

I had the dev dashboard running on testwp and on vintest. Vintest was a special site for Vinod to do some testing. 2/6 I took it down and deleted all files. I also deleted the dashboard from testwp. Next I have updated coursepress pro to 1.2.4.6 via ftp. It shows in my plugin list as being the current version. Yet I am still getting this update banner. I suspect the way the wpmu dashboard works is why Sucuri site scan yesterday says my testwp site is infected with malware.

  • Michelle Shull

    Hi there, Marshall!

    We're not getting any reports of malware with the dashboard, I just ran a Sucuri scan on three separate sites of mine with the dashboard installed, and they all came back clean. (That's on three separate hosts, too.)

    Can you tell me the text you're seeing in the update banner, or grab me a screenshot? If you've got the WPMU DEV dashboard uninstalled, we do show a friendly banner asking you to download it. If that's what you're seeing, it's not indicative of malware.

    Is the banner saying you need to update CoursePress? If so, double check the version number via your Installed Plugins menu and make sure it matches the latest version.

    If you're seeing another message, let me know what that is and we can try to track down the source.

    Thanks!

  • marshall_estes

    @Michelle > The 500 error is being caused by the coursepress pro plugin itself. I deleted both my course and the demo course from the plugin to demonstrate the plugin core is the cause of the 500 header returns when accessing the WP login page. At least as far as I can tell it is the cause.
    See video here
    http://www.fly-fishing-colorado.com/testwp/media/coursepress-500headererror.mp4

    The 500 error header may be consistent with the error log I attached to the support ticket previously showing multiple php parsing errors from coursepress pro. The test site is testwp that is showing the header error. Vintest is gone so please don't ask me to test on it.

    Sucuri still shows a 500 error with or without the plugin active so they must be reading the plugin files directly. testwp is running on a fresh database, WP at 4.1 and CoursePress at 1.2.4.6 and all the other plugins are current too.

    Please move this thread to my features and resquests thread so all this is in one place.

  • marshall_estes

    2/7/15 I am updating this thread with this information. After Sucuri first identified my testwp install as being infected and I did the tests above in the video, I got curious about where such an infection might be. So bit by bit I dismantled my site and the database itself all the while retesting the sucuri scan. No chnages. In fact the return after clicking the scan button was so fast, it looks like a page refresh compared to when they first scan a website. During this rescan testing, I used FF 35 and IE set to delete the cache and history on closing. I closed out IE several times with no effect on the Sucuri malware results and deleted the last hour of history on FF along with using self destructing cookie addon. Again no change from the original find of "malware" on testwp.

    After dropping all the tables used in the first install of testwp, I deleted the folder off my server. Resetup the folder, reuploaded WP 4.1, and reinstalled WP with a totally clean install. Only standard WP themes and plugins. I also used a different table prefix from the 1st install.

    The results of course are Sucuri still shows my site as infected with malware which is physically impossible as far as I can tell from the procedures I used. While I know what this looks like to me, I will let the user draw their own conclusion.

  • Michelle Shull

    Hey marshall!

    First up, there's a new version of CoursePress that was just released which should solve the internal server error issue.

    Next, I'm going to invite our SLS guys in here to take a look at your malware issue. I'm still not seeing any sign of any issue on any of my sites with the Dashboard (and CoursePress) installed, but maybe they can help track this issue down.

    Thanks!