Is installer.template.php a backdoor? | ww.wp.xz.cn

Resolved Josh Peterson
(@josh-peterson)

12 years, 8 months ago

I just got an automated email from Dreamhost saying that they had detected installer.template.php to be a threat.

Specifically, they said

The existence of these pages on your website(s) is likely a sign you have been compromised.

So they think this file is very bad. I can say that the file is probably there because I used Duplicator, though.

So is the file in question a hazard? In the final steps of the Duplicator Installer, I ran “Delete Install Files,” I’m pretty sure. I don’t see installer.php, installer-data.sql, installer-log.txt or the package on my site, which is evidence that the deletion occurred. So either installer.template.php should have been deleted too, or Dreamhost is mistaken that this was a threat. Which is it?

(I did see an installer folder still, which included a file called main.installer.php though).

Thank you so much for your advice and for this very useful plugin.

http://ww.wp.xz.cn/plugins/duplicator/

Viewing 3 replies - 1 through 3 (of 3 total)

Cory Lamle
(@corylamleorg)

12 years, 8 months ago

Hey Josh,

Here is a helpful section on the FAQ page:
-> Browse to: http://lifeinthegrid.com/duplicator-faq/
-> Find Section: “3. Troubleshoot=> A scanner says that a security issue/malware/threat was detected is this valid?”

Quick answer is that many of those scans are false, however with security issues you should always double check.

Hope that helps…

Thread Starter Josh Peterson
(@josh-peterson)

12 years, 8 months ago

Ah, thanks. Apologies for missing that in the FAQ.

Thanks!

Cory Lamle
(@corylamleorg)

12 years, 8 months ago

No Problem! The FAQ is actually getting rather larger…

Cheers~

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Is installer.template.php a backdoor?’ is closed to new replies.

Tags

3 replies
2 participants
Last reply from: Cory Lamle
Last activity: 12 years, 8 months ago
Status: resolved