Support » Plugin: Anti-Malware Security and Brute-Force Firewall » miniorange mo2fa_inline_registration.php known threat?

  • Resolved ehrichweiss

    (@ehrichweiss)


    Today I did a scan and was told that mo2fa_inline_registration.php from the miniorange 2fa plugin is a threat but upon looking at it, I can’t see anything wrong with it that I can point out. I just updated the plugin today. Can someone give me some insight as to what the deal is and whether I should actually fix this particular file?

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    It took some searching but I found the file …/controllers/twofa/mo2fa_inline_registration.php in theplugin called miniorange-2-factor-authentication. Next time please give the full plugin name or a link to the full contents of the file so that I can tell what you are referring to.

    This does look like a false positive so I would suggest that you white list this file and do not fix it using my plugin. The problem that was found was that the developers put a lot of their JavaScript tags after the closing </body> tag. This is improper HTML coding, nothing should ever go between the </body> and </html> tags. It is usually malicious scripts that are injecting into your HTML after the closing </body> tag. This kind of sloppy HTML coding is usually forgiven by most browsers and it ends up working the way it was intended (which is how hackers get away with executing their scripts there) but it is improper and should really be moved inside the BODY. I will contact the developer about this so that they may change their code in the next release.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.