Sucuri Scan – False Positives?

  • Resolved daleydesign2021

    (@daleydesign2021)


    3 years, 8 months ago

    Sucuri Server side scans are flagging these files as malware, want to confirm they are required for the plugin to function properly. Assume its catching the base64, files have not been modified in any way since the plugin was installed. Thanks in advance, here are the files/warnings:

    File Path Definition
    wp-content/plugins/wp-rest-api-authentication/admin/partials/config/output/class-mo-api-authentication-basic-oauth-config.php
    htaccess.malware.generic.005

    wp-content/plugins/wp-rest-api-authentication/admin/partials/config/output/class-mo-api-authentication-tokenapi-config.php
    htaccess.malware.generic.005

    wp-content/plugins/wp-rest-api-authentication/admin/partials/config/output/class-mo-api-authentication-jwt-auth-config.php
    htaccess.malware.generic.005

    From InMotion’s (web host) scan:
    Found:
    /wp-content/plugins/wp-rest-api-authentication/admin/partials/class-mo-api-authentication-admin-menu.php: hex match,{HEX}php.base64.inject.179.UNOFFICIAL

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author miniOrange

    (@cyberlord92)

    Hi @daleydesign2021,

    Thanks for reaching out to us.

    Yes, these files are required for the plugin to function properly, and It is a legitimate code, and you don’t need to worry about it. As some method requires to encode the token to base64, so Sucuri is pointing that as well.

    It is a false positive, you can whitelist our plugin so that you won’t get this warnings again.

    Let us know if you need any help. We’d be happy to help.

    Thanks
    Team miniOrange

Viewing 1 replies (of 1 total)
  • The topic ‘Sucuri Scan – False Positives?’ is closed to new replies.