Vulnerabilities found on your Server - Action Required: WordPress

[benjpw]

Hello,

The "Vulnerabilities found on your Server - Action Required: WordPress" emails have been somewhat useful, but one annoying thing is they include suspended WHM accounts - is there any way to configure the scan to ignore suspended accounts (because an outdated WP installation in a suspended account isn't a vulnerability - the WP code doesn't get executed anyway on a suspended account, right?)?

Thanks in advance.

 

[cPRex]

Hey there! It would really depend on the type of vulnerability, so I'm not sure I'm comfortable saying "no" in all circumstances. While the site wouldn't be accessible on the internet, the files on the domain are still in place, so if there is something running on the account itself that could be suspicious that would still be in place.

At this time there is not a way to exclude suspended accounts, but that sounds like an excellent feature request if you'd like to create one using the link in my signature.