• Resolved nobenati

    (@nobenati)


    My malware scanner is flagging /wp-content/plugins/updraftplus/includes/updraftclone/updraftplus-temporary-clone-status.php as suspicious because of the really long base64 encoded string for the logo. Was this a change done recently? Base64 encoding usually is suspicious when I come across it in files, but I decoded it into the PNG that it is, and it looked ok to me. Just wanted to let you know.

    • This topic was modified 6 years, 6 months ago by nobenati.
    • This topic was modified 6 years, 6 months ago by nobenati.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor aporter

    (@aporter)

    Hi,

    Sorry about the delay over the weekend.

    Yes that file and base64 encoded logo was added in the last update as part of our new UpdraftClone feature.

    Best Wishes,

    Ashley

    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    Hi,

    Thanks…. though…. what is it that you’re wanting us to know? I can’t work it out from the above. If your malware scanner is giving a false positive, then the best thing to do is to raise a support issue with the providers of the malware scanner to let them know. They can easily decode any base64 strings they detect to see that what the thing is when decoded (e.g. as in this case, that it’s an image, and not a poor attempt to hide some PHP code), and if they do that, everybody will be happy. Only they can do that, so, they’re the best people to talk to about it.

    Best wishes,
    David

    Thread Starter nobenati

    (@nobenati)

    I guess I wanted to double check it was expected there. I am not requesting it be changed. It’s easy enough to add to my list of ignored files for now. I will bring it up to the malware scanner team and see if they can look into it. But I’d rather have a false-positive than a missed malicious file so I’m ok with it. I wanted to bring it up here in case others come across it. Thanks for the timely response.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Updraft Clone Suspicious File Alert’ is closed to new replies.