beware on this plugin

  • artizkace

    (@artizkace)


    8 years, 1 month ago

    Guys don’t install this plugin is malware, my website get blocked.

    > ==>

    > CLAMAV SCAN INFO (infected files):

    > [clamav result empty]

    > ==>

    > `SKRYPT’ SCAN INFO (suspicious files):

    > www/arturzolkowski/wp-content/plugins/amp/includes/sanitizers/class-amp-allowed-tags-generated.php

    >

    > ==>

    > LOCKED VIRTUAL HOSTS:

Viewing 2 replies - 1 through 2 (of 2 total)
  • David Cramer

    (@desertsnowman)

    8 years, 1 month ago

    @artizkace, Thanks for pointing this out.
    This is really a false positive. The file mentioned class-amp-allowed-tags-generated.php contains sanitisation rules and therefore will have certain tags mentioned. Many of these malware scanners simply do a low level scan for words, not really scanning what the code is. This is likened to saying “bomb” on an airplane and then getting shot for being a terrorist.

    Do you have any more details of the results above so that I could look at what the exact thing it doesn’t like? This would help tremendously, and would be very much appreciated.

    I will also look at CLAMAV to see what I can do on our side to prevent this kind of false positive in future.

    Thanks!
    ~ David

    • This reply was modified 8 years, 1 month ago by David Cramer.
    David Cramer

    (@desertsnowman)

    8 years, 1 month ago

    @artizkace correction, not ClamAV – that was clear. The info came from SKRYPT which I’m having a hard time trying to find out what that is. Would you be able to help me identify what system is doing the scan?

    Thanks!
    ~ David

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘beware on this plugin’ is closed to new replies.