Vulnerabilities found on your Server - Action Required: WordPress

benjpw

Registered
Nov 15, 2017
4
0
1
Australia
cPanel Access Level
Root Administrator
Hello,

The "Vulnerabilities found on your Server - Action Required: WordPress" emails have been somewhat useful, but one annoying thing is they include suspended WHM accounts - is there any way to configure the scan to ignore suspended accounts (because an outdated WP installation in a suspended account isn't a vulnerability - the WP code doesn't get executed anyway on a suspended account, right?)?

Thanks in advance.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
13,463
2,114
363
cPanel Access Level
Root Administrator
Hey there! It would really depend on the type of vulnerability, so I'm not sure I'm comfortable saying "no" in all circumstances. While the site wouldn't be accessible on the internet, the files on the domain are still in place, so if there is something running on the account itself that could be suspicious that would still be in place.

At this time there is not a way to exclude suspended accounts, but that sounds like an excellent feature request if you'd like to create one using the link in my signature.