Hosts Treating API as Malware

Tagged: ,

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #571414
    MaFt
    Blocked

      Just a heads up for anyone using the PHP API.

      Unfortunately some of my sites are ‘hosted’ by GoDaddy (but technically TSO Host in the UK – initially they were on Vidahost who were great, but then owners changed etc).

      Anyway, had some issues these last few days that they’re flagging up the nxs-snap-api files as being malware (specifically: “php.spam-seo.fake_docs_plugin.001”) and my account being blocked. I’ve got a support ticket open with them and am trying to explain that they are legitimate files but I seem to be shouting into thin-air. It’s being ‘escalated’ for someone to look into…

      I’m hoping they will see sense because while I hate TSO it will be a massive pain to move these sites elsewhere just to carry on using NXS that they’ve now decided to class as malware with no apparent method of whitelisting.

      Just thought I’d give anyone else here a heads up!

      #571431
      MaFt
      Blocked

        Specifically it is the ‘/inc/nxs-functions.php’ file that they are flagging as malware.

        Note that GoDaddy own Sucuri so there is a chance that similar code will be flagged by Sucuri in the WordPress plugin…

        #571474
        NextScripts
        Keymaster

          Please let us know the outcome of the ticket.

          Our premium API file uses function “eval”. It does it for totally legitimate reasons, but some overprotective security checkers mark any kind of “eval” usage as malware. But again, its premium API file. nxs-functions.php is just a file from free plugin with some regular functions in it. It’s open source and available on wordpress.org. It was checked million times by thousands of different users including some serious security companies.

          Are you sure that files on your site are original plugin files and they were not modified by some actual malware?

        Viewing 3 posts - 1 through 3 (of 3 total)
        • You must be logged in to reply to this topic.