Support » Plugin: AMP for WordPress » beware on this plugin

  • Guys don’t install this plugin is malware, my website get blocked.

    > ==>

    > CLAMAV SCAN INFO (infected files):

    > [clamav result empty]

    > ==>

    > `SKRYPT’ SCAN INFO (suspicious files):

    > www/arturzolkowski/wp-content/plugins/amp/includes/sanitizers/class-amp-allowed-tags-generated.php

    >

    > ==>

    > LOCKED VIRTUAL HOSTS:

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support David Cramer

    (@desertsnowman)

    @artizkace, Thanks for pointing this out.
    This is really a false positive. The file mentioned class-amp-allowed-tags-generated.php contains sanitisation rules and therefore will have certain tags mentioned. Many of these malware scanners simply do a low level scan for words, not really scanning what the code is. This is likened to saying “bomb” on an airplane and then getting shot for being a terrorist.

    Do you have any more details of the results above so that I could look at what the exact thing it doesn’t like? This would help tremendously, and would be very much appreciated.

    I will also look at CLAMAV to see what I can do on our side to prevent this kind of false positive in future.

    Thanks!
    ~ David

    • This reply was modified 3 weeks, 5 days ago by  David Cramer.
    Plugin Support David Cramer

    (@desertsnowman)

    @artizkace correction, not ClamAV – that was clear. The info came from SKRYPT which I’m having a hard time trying to find out what that is. Would you be able to help me identify what system is doing the scan?

    Thanks!
    ~ David

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this review.