cleanup: comment out too broad patterns

Author: orvn

scan.php

@@ -63,7 +63,6 @@
     '/fwrite\s*\(/i', // Writes to file
     '/fread\s*\(/i', // Reads from file
     '/file_put_contents\s*\(/i', //  Writes to file
-    '/file_get_contents\s*\(/i', // Reads from file
     '/unlink\s*\(/i', // Deletes file
     '/rename\s*\(/i', // Renames file
     '/file_get_contents\s*\(\s*("|\')https?:\/\//i', // Remote file inclusion
@@ -132,16 +131,16 @@
     // Shell tricks
     '/`.*`/i', // Backticks suggest suspicious shell exec usage
     '/backdoor/i', // Indicates potential backdoor
-    '/shell/i', // Indicates shell commands
-    '/cmd/i', // Indicates command execution
+    // '/shell/i', // Indicates shell commands
+    // '/cmd/i', // Indicates command execution
 
     // WP specific
     '/add_action\s*\(.*base64_decode/i', // Obfuscated code in WP hook
     '/add_filter\s*\(.*eval/i', // Code execution in WP filter
     '/wp_eval_request\s*\(/i', // Known malicious plugin pattern
     '/\$GLOBALS\s*\[\s*["\']wp_filter["\']\s*\]/i', // Manipulates WP global hooks
-    '/functions\.php/i', // Indicates direct theme function manipulation
-    '/wp-config\.php/i', // Indicates tampering with configuration
+    // '/functions\.php/i', // Indicates direct theme function manipulation
+    // '/wp-config\.php/i', // Indicates tampering with configuration
 
     // Dynamic inclusion (too many false positives)
     // '/include\s*\(/i',