20i malware scanner flags GOTMLS

Home Forums Support Forum 20i malware scanner flags GOTMLS

This topic contains 3 replies, has 2 voices, and was last updated by  Lee Busch Lee Busch 2 years, 3 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #73911

    I’m not sure if this is the best way to communicate with you about this, but after just installing GOTMLS yesterday, the webhost flagged a GOTMLS file as malware.

    Which is so ironic.

    I’m not suggesting you are malware, but rather that this is a false positive, and I’m not sure what to do about it. Maybe this scanner is used at many webhosts and you can communicate with the scanner’s authors?

    If links are permitted, here is a screengrab of the virus report:

    https://share.getcloudapp.com/8Lu1Grk7

    #73912

    Here is the text of the error path, for your convenience:

    index.php/home/sites/17a/0/08b0da06f8/public_html/preventdementia/wp-content/plugins/gotmls/images/index.php

    php.error.reporting.if.isset.str.replace.str.replace.str.replace.str.replace.str.replace.file.get.contents

    #75099

    Anti-Malware Admin
    Key Master

    Thank your for informing me of this false positive. I don’t know what software they are using to make this determination but it is obviously wrong. I submitted a support ticket with MakersHost when you posted this support topic and have still not heard back from them, is that normal in your experience?

    Based on the screenshot you provided I was able to make a guess that their detection might be because I am using the error_reporting function in my code for debugging server errors. I have just release a new plugin update without that debugging code to see if that resolves the issue. Could you please download the new version 4.21.84 of my plugin and see if it is still detected by your host?

    #75297

    Thank you Eli. I just saw this, because of the time delay. A few days prior to your reply here, 2oi they asked me to reinstall your plugin and re-run their malware scanner. It did not detect the false positive that time. So maybe their vendor updated their definitions? It’s definitely a leased service — not something they control directly — but I don’t know who provides it to them :-/

    Anyway, crisis averted for now, and I can keep your plugin installed without them shutting me down. (this is the 3rd false positive I’ve gotten from them, though the only time GOTMLS was implicated).

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

Comments are closed.