Outdated and bad plugin check
The scan
This scan checks if you're using any plugin that has been removed from the official repository or that hasn't been updated in the last two years or more.
Note : plugins that haven't been updated for two years or more are not necessarily dangerous. They just may not need any update at all.
The fix
SecuPress will first ask you to select the plugins to be removed.
On a multisite, each site's administrator will have to deactivate the plugins you've selected via a dedicated page. They will also be notified in their admin. This step has a few purposes :
- execute the uninstall scripts on each site.
- inform each administrator that the plugins have been deleted, because those may be important.
Once the plugins are deactivated on every site, you will be able to go back on SecuPress' main scanner page and finally uninstall them.
What if the fix doesn't work ?
Several solutions are possible.
- Try to manually delete the plugins from the usual plugins page (
/wp-admin/plugins.php). - Access your site via FTP, open up the
wp-config.phpfile at the root of your site, and look for the following line and delete it:define( 'DISALLOW_FILE_MODS', true );
Caution : do not mistake this line with the
DISALLOW_FILE_EDITconstant ! If the line doesn't exist, then you have nothing else to do. -
Access your site via FTP, check the chmod for the
/wp-content/and/wp-content/plugins/are set to0755. If they are then you have nothing else to do. If you don't know what 'chmod' is then do nothing. Once the chmod is set, try clicking the 'fix it' button again. -
Access your site via FTP and manually delete the plugins.