[Plugin: Web Security Tools] Hacking into my website

  • My host bluehost informed me that my website was being hacked through web security tools and I should remove it altogether. I have done this but I wonder if this was the source of the attack as noone else has complained about it. Basically it caused anyone who went to my website to have the PC disabled and replaced by constant requests to spend money to remove security threat…
    Does anyone know anything about this threat from web security tools???

    https://www.ads-software.com/extend/plugins/web-security-tools/

Viewing 11 replies - 1 through 11 (of 11 total)

  • It is infected with a redirect to a malware site. WordPress should take it down.

    mrivera915 – be VERY specific.

    And email this to [email protected]

    stevema – there have been no other reports about this plugin.
    It is perfectly possible that something else on the server has written to that file.

    I need the information from mrivera915 which I hope is emailed.

    REMOVED – Mark

    Sorry – I must have missed the word ‘email‘ from my reply.

    I found this, closed the plugin and will fix.

    Why did you remove my comment?

    Because giving any security related information is something we do not encourage. It can cause more problems and generally solves none. This is why we ask that all security related issues are sent to [email protected]

    One of the core contributors has checked it out. 2 others will shortly.
    The .static files are not executed.
    The site that is in those files has been compromised, not the plugin itself. If you check the warning from google you can see that something happened on 27 January. So that site has the problem and they will be informed.

    The plugin remains removed until the other site is fixed. In the meantime just delete that plugin from within the Plugins page or using FTP if you wish but right now we have no reason to believe it is bad.

    Thread Starter stevema

    (@stevema)

    Thank you for support. I am glad you guys know what you are doing! I don’t know if this is any help but about 4 months ago I got a virus infection which was similar although it did not direct to the same malware site. I never found the source of it but I wonder if it came through the same plugin?

    Plugin Author rritoch

    (@rritoch)

    Hello,

    This plugin does not install a virus on your site unless your server will execute .static files. The .static files are used to remove the virii from your server. If you get a new virii you can make your own .static files in the same folder and run the scanner to clean the virus off of your site. If you are truly paranoid you can use .htaccess to block access to any .static files.

    Best Regards,
    Ralph Ritoch

    Plugin Author rritoch

    (@rritoch)

    I will be filing a complaint against bluehost as their defamation of this plugin has lead to WordPress discontinuing this plugin. Even WordPress doesn’t understand that the plugin cannot harm a web site and that the files in question are REQUIRED to delete the associated VIRII and Threats.

    Plugin Author rritoch

    (@rritoch)

    Here is the proof that the static files are NOT a security risk. If they were than simply going to the following link would infect my own web sites.

    https://www.ralphndiaritoch.info/wp-content/plugins/web-security-tools/phpwebsectools/modules/virus_clean/definitions/sm3wv8.static

    As you can see they are displayed as harmless text files with no risk to the web browser or the server!!!

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘[Plugin: Web Security Tools] Hacking into my website’ is closed to new replies.