Sucuri warning that a backwpup file infected.

  • Resolved skunkworks

    (@skunkworks)


    5 years, 11 months ago

    Receiving the following warning from Sucuri.

    Our server side scanner identified some issues on the website.

    Site: xxxxxxxxx.com
    Status: Infected

    Warning: File possibly compromised: ./wp-content/plugins/backwpup/vendor/microsoft/windowsazure/tests/framework/RestProxyTestBase.php (php.malware.assert.010). Manual review recommended.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support BWU support

    (@duongcuong96)

    5 years, 11 months ago

    @skunkworks
    I don’t think this is an issue because of we using directly library from Microsoft 🙂

    Thread Starter skunkworks

    (@skunkworks)

    5 years, 11 months ago

    I don’t think this is an issue because of we using directly library from Microsoft

    Unless you’re linking to a verifiable remote copy of the file (eg: https://raw.githubusercontent.com/Azure/azure-sdk-for-php/master/tests/framework/RestProxyTestBase.php)

    Then without [an MD5 hash](http://onlinemd5.com) to check against there’s no guarantee that the file is indeed “directly” from Microsoft and hasn’t been modified. How does a user like myself know that it hasn’t been tampered with? Or that you didn’t accidentally obtain a copy of the file from an untrustworthy source?

    Strangely the folder /tests/ does not exist. Or no longer exists. So I guess this point is moot.

    But just saying “we using directly library from Microsoft” doesn’t automatically make everything ok.

    Plugin Support BWU support

    (@duongcuong96)

    5 years, 11 months ago

    @skunkworks
    Sorry, there is nothing we can do because of its vendor code.
    Maybe we can open an issue for MS Azure team…

    I’m going to close your report now, If you still have a question, just let me know.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Sucuri warning that a backwpup file infected.’ is closed to new replies.

Tags