Security issues in mpdf directory?

  • Resolved internethappens

    (@internethappens)


    8 years, 1 month ago

    I love what this plugin could potentially offer but after installing I am immediately getting security notifications (malware) for 7 files in the mpdf directory. They appear to be possibly language files. Anyone?

Viewing 13 replies - 1 through 13 (of 13 total)
  • Thread Starter internethappens

    (@internethappens)

    Oops! That’s the mpdf/patterns directory

    Peter La Fond

    (@myinternetscout)

    Has this question been addressed? What security program is flagging the files?

    Thread Starter internethappens

    (@internethappens)

    I’m using Anti-Malware Security and Brute-Force Firewall plugin by Eli Scheetz, which has been extremely useful flagging and removing malware and threats. I really want to use Gravity PDF but I can not risk taking any chances.

    Peter La Fond

    (@myinternetscout)

    Hi! I scanned a dev site with the plugin installed using Wordfence and Sucuri, and individual files with Kaspersky. All three malware tools said this plugin was clean and free of malware.

    Can you double-check with Eli Scheetz to verify what you’re seeing is a false positive? Security programs spit out false positives all the time. Or, it could be that your site or client is infected. Can you please identify the names/locations of the files you’re saying are infected? I’d like to do further research on my side as well.

    Thanks! Peter

    Plugin Author Jake Jackson

    (@blue-liquid-designs)

    Can you please identify the names/locations of the files you’re saying are infected

    We’ll need this information to investigate further. It would also help if there was any indication exactly why these files were flagged as malware. Thanks!

    Thread Starter internethappens

    (@internethappens)

    GravityPDF files flagged by Anti-Malware from GOTMLS.NET

    GravityPDF- Flagged FIles by Anti-Malware from GOTMLS.NET

    Plugin Author Jake Jackson

    (@blue-liquid-designs)

    Thanks for the additional information.

    These are false positives. Those files are used to help auto-hyphenate different languages. Since Mpdf supports UTF-8 there’s a lot of unicode patterns which are likely being picked up by the scanner. I’ll get in touch with the author and see if we cannot resolve this issue.

    Thread Starter internethappens

    (@internethappens)

    Thank you for clarifying. I look forward to using GravityPDF. Cheers!

    Plugin Author Jake Jackson

    (@blue-liquid-designs)

    Not a problem.

    If you would like to keep apprised of our communication with the GOTMLS.NET authors please follow this topic.

    Avast also flagging same issue.

    Update from Avast they had a false positive issue that was fixed at 3am this morning. No longer seeing the same warnings. So maybe fine.

    Peter La Fond

    (@myinternetscout)

    @blue-liquid-designs

    this is great news! Thanks for clearing this up!

    – Peter

    Plugin Author Jake Jackson

    (@blue-liquid-designs)

    Just an update, the author of the security plugin has released a fix for this false positive.

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Security issues in mpdf directory?’ is closed to new replies.

Tags