Trouble? We are here to help!

I have set up monitoring via cron but only got 1 mail?

It is the intended behaviour of --monitor to only send a mail when something has changed. If you want to always get an email report, change --monitor into --report

I have set up monitoring via cron but I get mail every time?

Change --report into --monitor and you will only be notified whenever an new issue is found, or an old issue has been fixed.

I always get this error: Could not download signature db

Something seems wrong with your network configuration. You are either behind a very restrictive firewall, or you have IPv6 lookups enabled for DNS but IPv6 routing fails. You should ask your network administrator / ISP.

I get: Query failed, perhaps this is a dev/test db server that I cannot reach

eComscan uses the password for the database from your store configuration. Sometimes, it finds store configuration that is used in local or development servers, and cannot connect to these servers. If you suspect something else is wrong, please re-run ecomscan with the --verbose option and share the results with us.

eComscan is running slow

eComscan runs with the lowest priority (CPU + disk) so will only use idle resources and will not affect the performance of your store. There is one exception to this: some (cheaper) virtual servers have been oversold. In that case, the host system will report more CPU capacity than is actually available, and eComscan will use “idle” capacity that isn’t actually idle. The only solution is to either restrict running eComscan to running at quiet times (in the night) or to move your store to a higher quality server.

Steal: is your server oversold?

You can determine whether you are running on an oversold system by using the top command. The last column shows (st)eal. If this goes above 0, you were promised more CPU than is available.

I have found a malware that eComscan did not identify?

We are sorry to hear that eComscan did not identify this instance. While our scanning technology identifies about 99.5% of all ecommerce malware, we cannot guarantee 100% coverage because criminal groups are continuously evolving their practices. Our team runs forensic cases across the globe and we are usually able to produce a signature within hours of a new malware release. But on a (very) rare occasion, a new strain may slip through, especially if it is uses obfuscation which is also used by many legitimate vendors.

Please share the specific malware with us, and we are happy to help you (free of charge) with your case.

I have patched a vulnerable extension, but it still flags red?

Our vulnerable module check uses version numbers, not code signatures. If you have manually patched a vulnerable module, you can add -patch to the version number (in Vendor/Module/etc/config.xml), so that eComscan will stop flagging it as vulnerable.

This page was last updated at Apr 22nd, 2021

Need expert advice?

We are here to help!

Get in touch