Infected file identified by host

  • Resolved Fionder

    (@fionder)


    1 year, 9 months ago

    Hi

    I received a malware notification from my host for this site, and the details are as follows:

    Filename: quick-contact-form.php
    …./wp-content/plugins/quick-contact-form/legacy/quick-contact-form.php

    Exploit: php.mail.substr.strchr.get.email.mail.php.php.php

    I tried deleting the plugin and reinstalling it, but that didn’t resolve the issue.

    Please can you advise?

    Thank you

    • This topic was modified 1 year, 9 months ago by Fionder.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Alan Fuller

    (@alanfuller)

    What scanning tool is that?

    What host?

    Someone else reported this on 20i host. I inspected the code and there was nothing.

    They have referred it to 20i support to investigate why their rule has been triggered. Likely a false positive.

    I suggest you report to your host support explaining a clean install still triggers the alert and ask them to investigate what is triggering their rule.

    please report back

    Thread Starter Fionder

    (@fionder)

    Hi Alan

    Yes, it is 20i. I will also put in a support request to try to get them to get this sorted. I did wonder as the site is on BlogVault and that didn’t pick up anything suspicious.

    Thank you for your support and for coming back so quickly – much appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Infected file identified by host’ is closed to new replies.

Tags