Support

Home Forums Event Espresso Premium Deleted reinstall plugin- Malware

Deleted reinstall plugin- Malware

Posted: May 16, 2018 at 12:05 pm


Joe Mangrum

May 16, 2018 at 12:05 pm

Dreamhost- sent the following and wanted met delete plugin and re-install

My question is if I delete the EE plugin entirely will i need to put in all the license info and setting again?? or is that info stored in database

is there an automated update this site license??

any other solution you can suggest?

We have recently scanned one or more users on your DreamHost account for
potential security threats. Unfortunately, we found some potential
indications that your website(s) *may* be compromised.

We understand that this may not be the best news you can get. This
notification is intended to help you through the process and serve as a
starting point to assist you in getting your account cleaned and secured.
While we won’t be able to complete these processes for you, if you have
any questions about the items that follow please don’t hesitate to reply
to this email and we will be happy to clarify any points or offer any
further guidance to help you through getting your account back to normal.

We have identified malicious content on your account, added by an outside
entity, which may include malware such as backdoor shells, adware, botnet,
and spammer scripts.

The following file(s) specifically have been identified as attacker-added
malware. We have DISABLED these files by setting their permissions to 200
(Owner write-only). You will need to audit these files and either replace
them with known good versions or remove them altogether:

/home/wp_5w5mz6/clairescreativeadventures.com/wp-content/plugins/event-espresso- core-reg/core/libraries/rest_api/assets/js/eejs-api.min.js

The existence of this known attacker content indicates that your website
or user password has been compromised. You or a trusted webmaster will
need to determine the attack vector and then take actions to mitigate
further exploits:


Josh

  • Support Staff

May 16, 2018 at 12:27 pm

Hi Joe,

event-espresso-core-reg/core/libraries/rest_api/assets/js/eejs-api.min.js
is not malware, but Dreamhost scans will identify it as so. It’s a false positive because no scan is perfect.

You can remove that file if you prefer.


Joe Mangrum

May 16, 2018 at 1:23 pm

Thanks Josh if I remove the file will it effect function of Event Espresso? is it ok to just leave as is?


Josh

  • Support Staff

May 16, 2018 at 1:33 pm

You can remove the file if you prefer, it will not affect the function of Event Espresso because it’s not currently used by anything.

You must be logged in to reply to this support post. Sign In or Register for an Account

Support forum for Event Espresso 3 and Event Espresso 4.
Documentation for EE3 and EE4
Documentation for Event Espresso 3

Documentation for Event Espresso 4

Status: publish

Updated by  Josh 1 week, 4 days ago ago

Topic Tags

Notifications

This topic is: not resolved
Do NOT follow this link or you will be banned from the site!