How does it work?
We’ve often encountered a situation where scanning the server for WordPress sites made the WordPress Toolkit completely unresponsive. After some digging, we found that, most of the time, it is malware infection on one or more WordPress sites on the server that causes this problem. This caused WordPress Toolkit not to properly access certain important files. So it was doomed to eternally wait for files, while not responding to any commands.
To address this issue, we added a reasonable timeout for certain WordPress Toolkit operations. The suspicious WordPress websites that WordPress Toolkit finds now go into quarantine mode:
1. Email notification is being sent. Notification text and recipients can be configured under Tools & Settings > Notifications > "WordPress installation is quarantined" for admin/reseller/customer.
2. WordPress Toolkit mark website as "Quarantined" under the Wordpress Toolkit (see image above).
3. WordPress Toolkit will skip website from all the automatic tasks such as an update and etc.
What if it is not a malware?
I receive notifications, but websites are not infected by malware, what can be done?
This might be caused by performance issues on one or several websites. For example, a plugin might continuously run a cron task which causes the timeout, which in turn causes the quarantine. Try increasing the value of the following option in the panel.ini file:
wpCliTimeoutHeavy = 1800
wpCliTimeoutMedium = 300
wpCliTimeoutRegular = 300
wpCliTimeoutRegularTimeout = 180
wpCliTimeoutMaintenanceTimeout = 180
For example, default timeout for retrieving website properties (Regular) is 60 seconds. Grater timeout (Heavy) for website update operation: 30 minutes.
Also, we target to improve mechanism to detect malware using Machine Learning, corresponding feature request is EXTWPTOOLK-2841