Anonymous User 17160716
(@anonymized-17160716)
Zilverbeuk, hi there.
But a few months ago my hosting provider deleted the plugin, after my websites where hacked, because they said it contained malware that infected my website.
I doubt they did an investigation of the incident, so I assume there could be two possible scenarios:
– the site was hacked through a vulnerability in this plugin, which resulted in further infection;
– the site was hacked in another way, and the infection could affect the files of this plugin. Then support staff of your hosting could automatically detect some malicious code and rush to the conclusion that this plugin is the root cause of the hack.
In any case, you should ask them for a specific file and a piece of code that they call malicious.
Hi,
They didn’t give me any code. They just said the plugin contained malware. I had to solve it, but the person helping me said it took to long and got annoyed with me (I have other things to do than just run my website). So he wanted to shut my website down completely. I think this person had a bad day, because normally they are very friendly when helping out.
I know my website was hacked and I do think that was why this plugin and others files got infected with malware.
And wouldn’t this plugin be taken down when it would contain malware?
Anonymous User 17160716
(@anonymized-17160716)
Zilverbeuk, heya.
If your tech guy really understands the problem and he’s sure as hell that there’s malicious code in the plugin, then he must provide the facts as well, otherwise they’re just useless words.
Alas, in the WordPress ecosystem, various plugins are often accused of having malicious code after a site is hacked. In fact, this is either a vulnerability in the plugin that led to a hack, or the plugin files were simply infected, and the developers aren’t to blame in this case.
And wouldn’t this plugin be taken down when it would contain malware?
It will, but so far you haven’t provided information about where exactly the malicious code was found. Since the plugin’s source code is open, you only need to indicate the name of the file and the malicious lines of code.
It will, but so far you haven’t provided information about where exactly the malicious code was found. Since the plugin’s source code is open, you only need to indicate the name of the file and the malicious lines of code.
And I can’t because that info wasn’t given to me. They just said it was a Trojan horse. But never gave me any further information than that.
Anonymous User 17160716
(@anonymized-17160716)
Zilverbeuk,
But never gave me any further information than that.
That’s why I’m saying that they should provide you with this information. Otherwise, it looks like they’re just deceiving you and they don’t want to help with solving the problem.
Well, it seems like their problem solving was removing the plugin and tell me not to install install it again.
They did get my website cleaned up and working again after is was hacked.
But I do agree that they have had to give me more information. It’s too late to get it now.
But it seems like I can install the plugin from WP trio without any concerns.
Can I check it with a virusscanner to see if there is any malware/Trojan horse in the plugin? Would be just for my own peace of mind.
Anonymous User 17160716
(@anonymized-17160716)
Zilverbeuk,
Well, it seems like their problem solving was removing the plugin and tell me not to install install it again.
The “classic” solution when you don’t want to deal with the problem.
They did get my website cleaned up and working again after is was hacked.
Since the term “Trojan horse” came up and seeing the regular expressions in the .htaccess file, I’m guessing they used an AV that did the cleaning. If I’m right, then:
– such AVs can’t fix vulnerabilities;
– never find all infected files, if the infection wasn’t the most primitive;
– usually have a lot of false positives;
– mislead ordinary users with the names of their signatures.
But I do agree that they have had to give me more information. It’s too late to get it now.
I’m in doubts that your tech guy actually fixed the vulnerability, so you have all chances to go through the same scenario with the hack once again.
Can I check it with a virus scanner to see if there is any malware/Trojan horse in the plugin? Would be just for my own peace of mind.
Sure, you can upload the whole ZIP archive to virustotal.com and check out the results.
@m0ze Thanks for explaining and helping out.
I did an online check (https://sitecheck.sucuri.net/) off my website and that check said it couldn’t find any malware and the site is not blacklisted. I know it’s not a complete scan, but it gives a good indication I think.
And the plugin is clean also. So I should be able to install it on my website, but I’m still a little bit scared to do so…
Anonymous User 17160716
(@anonymized-17160716)
Zilverbeuk, well, if you need this plugin, then make a full backup of the site (files + database), then feel free to start experimenting. Thus, you will insure yourself in case something goes wrong – you can restore the site from an up-to-date backup.
But along with this, I would advise you to think about where do you host your site if all the support you have here is about removing the plugin instead of fixing the vulnerability itself.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
I have used WooCommerce Conditional Shipping Pro
For pro or commercial product support please contact the developer directly on their site. This includes any pre-sales topics as well.
As the developer is aware, commercial products are not supported in these forums. I am sure they will have no problem supporting you there.
