Thread: Hostgator Blocked My Outbound Port 80/443 because of ckeditor.js
View Single Post
  #5  
Old 02-09-2016, 09:31 AM
anupam_luv anupam_luv is offline
 
Join Date: Feb 2007
Posts: 31
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I did remove the file and replaced it with a new file download ... and re-scanned ... it again reported it as virus....

I raised a ticket regarding the issue and hostgator replied with the following response. ...

-----------------------------------------
From server logs, I could see that port 80/443 is blocked for the user xxxxxxx. This could be a reason for the issue you have reported earlier.

We have an automated scanning cron which disables port 80/443 of a user, when the user account has malicious file(s). Also, it disables all such file(s) with immutable attribute and null permission to avoid further infection. Check the scan results given below:
=======
Infected files: 2

/home/xxxxxxx/public_html/dstreetdirect.com/clientscript/ckeditor/ckeditor.js
/home/xxxxxxx/public_html/fitnessmatter.com/forum/clientscript/ckeditor/ckeditor.js
=======

As of now, I have reverted immutable attributes and null permission set on above file(s) so that you can modify those files(s).

Please note that, simply deleting/replacing infected file(s) will not be a permanent solution. If any of those file is used by your website theme/plugin/CMS then removing those file(s) may cause downtime to your websites.

Hence, I suggest you to double check your website contents like CMS, themes, plugins and make sure that they are up-to-date. Further, scan and re-upload above mentioned file(s) and get back to us.

Once your account is cleaned, we will activate port 80/443 for the user xxxxxxxxxx.

This will help you to avoid similar issues in future.

------------------------------------------

After that I repeated same steps .... Scanned > Quarantined > Re-uploaded new file > Scanned Again .... and again found same files as virus... Deadlock!!!
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01282 seconds
  • Memory Usage 1,760KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete