Title: Plugin Has Infected Files Last modified: March 27, 2025 --- # Plugin Has Infected Files * Resolved [Juba](https://wordpress.org/support/users/brightonseo/) * (@brightonseo) * [1 year, 1 month ago](https://wordpress.org/support/topic/plugin-has-infected-files/) * Just letting you know that my server malware scanner picked up infected files in this plugin. * plugins/independent-analytics/vendor/matomo/device-detector/regexes/bots.yml * I’ve had to disable it as I don’t want to have problems with the website for something I can do without. * Hope you find a way to remove the malware. * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fplugin-has-infected-files%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [Ben Sibley](https://wordpress.org/support/users/bensibley/) * (@bensibley) * [1 year, 1 month ago](https://wordpress.org/support/topic/plugin-has-infected-files/#post-18385962) * That is not malware. There is a mistake in the programming of the malware scanner that you are using, so it is creating a false-positive. * YML files are perfectly normal files that are used like XML or JSON files. The bots.yml file in question has patterns used to match against different types of bots that might visit your site so that they can be filtered out. It is part of [Matomo’s device detection library](https://github.com/matomo-org/device-detector), which is used on many thousands of websites. * Can you please update your negative review with this new information in mind? A malware allegation is very serious business. * Thread Starter [Juba](https://wordpress.org/support/users/brightonseo/) * (@brightonseo) * [1 year, 1 month ago](https://wordpress.org/support/topic/plugin-has-infected-files/#post-18386080) * It’s not an allegation, it’s a real result from a scan. Why would I lie mate. It says infected files so I’m simply passing on the info. * Plugin Author [Ben Sibley](https://wordpress.org/support/users/bensibley/) * (@bensibley) * [1 year, 1 month ago](https://wordpress.org/support/topic/plugin-has-infected-files/#post-18386135) * The file you mentioned does not contain any malware and you don’t have to take my word for it because you can view that exact file hosted here on wordpress. org: [bots.yml](https://wordpress.org/support/topic/plugin-has-infected-files/?output_format=md). * **I am not accusing you of lying**. I am saying that the host’s malware scanner created a false-positive. My role is to let you know that this info is incorrect, and that our plugin does not actually include malware in it. My intention is not to offend you or make any of this personal. I just want to be very clear because it is such a serious matter. - This reply was modified 1 year, 1 month ago by [Ben Sibley](https://wordpress.org/support/users/bensibley/). Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Plugin Has Infected Files’ is closed to new replies. * ![](https://ps.w.org/independent-analytics/assets/icon.svg?rev=3504049) * [Independent Analytics](https://wordpress.org/plugins/independent-analytics/) * [Frequently Asked Questions](https://wordpress.org/plugins/independent-analytics/#faq) * [Support Threads](https://wordpress.org/support/plugin/independent-analytics/) * [Active Topics](https://wordpress.org/support/plugin/independent-analytics/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/independent-analytics/unresolved/) * [Reviews](https://wordpress.org/support/plugin/independent-analytics/reviews/) * 3 replies * 2 participants * Last reply from: [Ben Sibley](https://wordpress.org/support/users/bensibley/) * Last activity: [1 year, 1 month ago](https://wordpress.org/support/topic/plugin-has-infected-files/#post-18386135) * Status: resolved