Since the vulnerability database began charging for API access with only 50 free per day, the value of the extension has really been limited. It would be nice if a feature could be added so that we could enter the number of API requests we get per day (50 for free or some other for those who pay), and have the extension stop after exhausting each of those API calls and then queue up the remaining ones to begin on the following day when the credit is refreshed. This would allow the system to ‘rotate’ through sites each day as API credits were available and provide at least some level of scanning instead of nothing.
Another options would be to be able to include this as part of the maintenance extension so users could just set maintenance tasks for each site they wish to scan and have them run on different days when the API credit is refreshed.
I’m glad someone thinks so someone on the Facebook page mentioned to me that it could also be useful if the extension could group up all the plugins one has on all their child sites and send a single API request for that specific plugin and then apply the response to each of the child sites where that plugin exists to save API calls. So for instance, if I have 30 sites and ALL of them have UpdraftPlus installed, then I really just need 1 API call to check UpdraftPlus and let the extension apply the result to each of my child sites which have it installed. I have a lot of plugins that are on every single site, there’s no reason why they should each be eating up an API call - it’s very redundant.
Yes, I have the same plugins installed across most of the sites I manage. I’m guessing most people do too.
I doubt there would be too many people managing more than 100 distinct plugins, so you could effectively have all plugins scanned every second day - I could definitely live with that
Might have to put my thinking cap on and come up with a design for this one
This is a great idea. I believe I read on their site that it’s okay to cache data for up to 2 days. Maybe there could be a setting that caches requests and puts an expiration on it.
Another idea would also be to add a wp-cli option to scan individual sites so we could cron out single site scans each day rather than the option now that only includes scanning everything simultaneously, or individually with a manual click.