Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Latest post by nicholas on Sunday, 20 March 2022 15:54 CDT
Hello,
on hosting Active24.cz I received a notification on multiple domains that the file restore.php contains malware - the original message. I am sending the file in an attachment.
Regards Milan
We have found the malware in following files:
www/administrator/components/com_akeeba/restore.php (contains {HEX}Malware.Expert.php.unlink.error.reporting.unlink.unlink.unlink.unlink.file.put.contents)
This is a false positive.
This file is used with integrated restoration. It of course has the ability to write to files (file_put_contents) otherwise you could not extract anything. It of course has the ability to delete files (unlink), otherwise it could never perform the clean-up step where it removes the installation directory and you'd never be able to use your site. It of course has the ability to change the PHP error reporting because a too verbose level would possibly break the AJAX requests.
Please contact your host and let them know this is a legitimate file they should whitelist.
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.
Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!