Malware detected by my hosting provider

  • Resolved caraffande

    (@caraffande)


    4 years, 7 months ago

    Hi, Piotr.
    Here I’m from the review thread.
    As said, my hosting provider (infomaniak.ch) is detecting malware in your plugin’s code. In particular in your pp-process.php file.
    I’ve analyzed it. No doubt, your PHP code is well written, so you know your job.
    But there’s a problem that a good programmer like you cannot be unaware of.
    You’re using a combination of eval, base64_decode and str_rot13. No wonder than that any antivirus would detect your code as suspicious (at best).
    I can understand your need to protect your code from pirate copying but I think you should consider other options to protect your plugin’s code.
    I am myself, frankly speaking, quite distrustful when I see such code too.
    Please note that I’m a paying user (as you can easily verify) so it is not that “I’m trying to steal your job”.
    Another point that makes me skeptical is that you state in your description that your chat is fully standalone but, again, this is not completely true since you’re using fcm google apis.
    That said I’m forced tu uninstall your plugin.

    • This topic was modified 4 years, 7 months ago by caraffande.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Piotr Pesta

    (@piotr-pesta)

    Hi,
    so if I understand it good – it’s not malware but you are upset, because there is base64 (that hiding license verifying part of code, it has to be there to make it little harder to hack by non-developer user). You can easily decode it by yourself to see what is inside. Firebase Cloud Messaging (FCM) – it’s Google library to communicate with Android app, if you can’t trust Google than I’m really sorry and cannot help you more.

    Of course it’s your decision, but I think 1-star rating because you are afraid of base64 and Google FCM and you know it’s not malware is pretty unfair. But like I said it’s your decision, as an engineer you can always write that plugin by yourself.
    Best wishes,
    Peter

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Here I’m from the review thread.

    Thanks for that, I’ve archived your review. Don’t use the reviews that way, if you have a question for a developer of a plugin then the support forum is the place to have that conversation.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I missed this part.

    Please note that I’m a paying user

    Please note that the developer can’t have conversations with any customers in these forums. That’s not allowed for anyone.

    For pro or commercial product support please contact the developer directly on their site. This includes any pre-sales topics as well.

    As the developer is aware, commercial products are not supported in these forums. I am sure they will have no problem supporting you there.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Malware detected by my hosting provider’ is closed to new replies.