FAQ

Frequently Asked Questions

My antivirus software detected a possible malicious code in plugin

Example of alert: 

This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: \x0a @exec(‘crontab

Response:
Our plugins do not contain malicious code. They contain however programming methods, that can be used in some circumstances, as malicious code. An real life example of this: a knife can be used to slice bread or in crimes. My plugins are using the knife to slice bread.
However, some antivirus companies create software that analyze code by pattern matching, and do not check exactly what the code is doing, before reporting it as malicious (they detect a knife on me, and they report me to the police for murder, without the murder even being there in the first place)…
Conclusion: My plugins are not malicious files, your antivirus software is detecting them as a false positives (files that are not malicious, but are detected as malicious by bad antivirus software).
The plugin uses crontab to schedule cron jobs outside of WordPress, it is not executing any malicious code using crontab – just to replace wp_cron, if the user selects to do so from plugin settings (otherwise this code is not executed).

 

CodeRevolution Knowledge Base

Video tutorials