Malicious activity found on my hosting

Home Forums Product Support Forums Related Posts Pro for WordPress Support Malicious activity found on my hosting

This topic contains 4 replies, has 2 voices, and was last updated by  Ernest Marcinko 2 years, 9 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #6923

    funlolz
    Participant

    Hello,
    I got problem when install Related Posts Pro plugin. When uploading plugin folder via ftp. My hosting notice I got unwanted malware/virus from:
    /home/wowmart/public_html/wp-content/plugins/related-posts-pro/includes/hooks.php
    (quarantined to /home/hawkinfected/cxsuser/wowmart/hooks.php.1449467884_1) ClamAV detected virus = [{HEX}base64.inject.unclassed.6.UNOFFICIAL]
    What problem with plugin and tell me how to fix.
    Thank you !!

    #6924

    Ernest Marcinko
    Keymaster

    Hi!

    Looks like the host detected the plugin as a false-positive. I have no idea why, perhaps some code parts resemble something for the heuristics filter.

    Have you tried to install the plugin via the plugin manager? It's much better than using FTP to upload, and might not give you this warning.

    Otherwise I guess you will have to whitelist that file somehow. Maybe there is an option on your CPanel or equivalent hosting settings page, where you can whitelist files. Maybe you will have to contact the hosting provider to do it for you.

    Best,
    Ernest Marcinko

    If you like my products, don't forget to rate them on codecanyon :)


    #6955

    funlolz
    Participant

    Thank you ! That problem has solved by hosting provider.
    So I have some else trouble :
    1. I have some product want to relative with post but after set up custom content (Pic 1a) it now show any content below description (Pic 1b)
    2. When I set instance “Related Products” then turn on “Show the plugin under content?”, “related product” and “may you like …” got too jumble (Pic 2) (Link: http://wowmart.vn/sp/thuoc-bo-danh-cho-phu-nu-tren-50-tuoi-one-a-day-womens-50-multivitamins-200-vien/)
    Sorry for my bad English
    Thank you !

    Attachments:
    You must be logged in to view attached files.
    #6973

    funlolz
    Participant

    I'm getting problem again when installing “Pro Related Post”, hosting system noticed to me :
    Our systems performed a routine malware/virus scan on the account wowmart under your reseller account wowmartc and unfortunately located infected/malicious files. We've automatically moved the infected files(s) out of your public_html directory into a safe, quarantined directory. Below is the file our scanners were able to locate:

    /home/wowmart/public_html/wp-content/plugins/related-posts-pro/includes/hooks.php
    (quarantined to /home/hawkinfected/cxsuser/wowmart/hooks.php.1449623400_1) ClamAV detected virus = [{HEX}base64.inject.unclassed.6.UNOFFICIAL]
    I have tried to ask hosting provider add to whitelist but they don't (Hawkhost). Could you help me resolve this ?
    Thank you !

    #6980

    Ernest Marcinko
    Keymaster

    Hi!

    I gladly help you if I can. I'm attaching a modified version to this post, please try installing it. I think I might know why the virus scanner was reporting the issue…

    Let me know if this works, and I help with the other problems as well.

    Attachments:
    You must be logged in to view attached files.
    Best,
    Ernest Marcinko

    If you like my products, don't forget to rate them on codecanyon :)


Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.