Thread Starter
genweb
(@genweb)
After talking with the hosting provider support, they say that the file is using malware functions and they will not disable the protection, so I am not able to use the plugin.
I was inspecting every line of the file and it seems that the function
doubleval( $_POST[‘rate’]
in line 1940 may be the problem.
Any suggestion to replace that line for another -non eval- function?
Thanks!
Thread Starter
genweb
(@genweb)
More info about this false positive, it seems that a lot of people experience it.
https://github.com/waja/maldetect/issues/17
https://github.com/rfxn/linux-malware-detect/issues/215
https://github.com/nbs-system/php-malware-finder/issues/51
My next test will be replacing doubleval by floatval, probably the wrong antimalware regex should not false positive “floatval”.
Thread Starter
genweb
(@genweb)
24 hours after replacing doubleval by floatval: it seems that the malware scan is no longer renaming the file, so I think this solves the problem.
Hello there,
I hope you are doing well!
We have made this adjustment (replacing doubleval() by floatval()) in the plugin.
This change will be available in the next update of the plugin.
Have a nice day!
Thread Starter
genweb
(@genweb)
Thats cool.
It is still working fine on my side after doing that change.
Thank you!
Hello there,
hope you are doing well!
Thank you for notifying these small mistakes.
We really appreciate your requests.
I’m going to resolve this topic. If you have any doubt, please, don’t hesitate to contact us, we will be happy to help you.
Have a nice day!
