Suspicious File Alert
-
Hi
After Upgrade X-Cloner to Version: 4.0.1 I’m receiving this emails:lfd on server.XXXXXX.com: Suspicious File Alert
Time: Sat Feb 25 15:38:00 2017 -0500
File: /tmp/.xcloner-b940a
Reason: Suspicious directory
Owner: XXXXXX:xxxxxxxx (508:507)
Action: No action takenNow I’m afraid that the upgrade came infected with a virus or my site being hacked.
I went to http://www.xcloner.com/ the website for the plugin its showing “Error establishing a database connection” Can anyone please give me an advise.
Thanks
-
The /tmp/.xcloner-b940a is just a temporary folder xcloner creates to store it’s sensitive data before adding it to the backup archive, i am not sure why your scanner would consider that infection, the folder contains the mysql backup of the database, the backup log file if enabled and a file list in csv format and they are deleted after the backup is finished. So this might be a false positive.
Can you check if the folder persists on server after the backup is completed? The last 5 chars of the folder name are the same at the last 5 chars of the generated backup like b940a.tgz
XCloner does require a temporary folder to be accessible at all times for the rest of it’s operations, but usually that folder remains empty.
I have added an option (named “Force Temporary Path Within XCloner Storage”) in the XCloner System Tab where you can choose to change the XCloner temporary folder to be with the Storage Location defined in the General tab, default is unchecked
See if this works ok for, you might have to manually delete the the created tmp/.xcloner-xxxxx folder to disable those notifications after installing XCloner and enabling that option
The topic ‘Suspicious File Alert’ is closed to new replies.
