WHMCS Client Area blocked by BitDefender for Malware

[bitsbc]

Hi All,

I've been having issues with accessing my Client Area and it seems that customers who use BitDefender also experience the same issue. I can get by it by adding the site to exceptions list but others who use it may not be as smart. My question is why is Malware showing up in the first place?   How would I even get rid of it? I have ImmunifyAV on the server and it didn't find anything.

My environment is being hosted on a CyberPanel server and only hosts WHMCS and 1 website. 

https://www.virustotal.com/gui/url/3d27357955c5d6c841fe65be478fbde02adaeb3c3550b6f31438088b9af50694/detection

 

Thoughts? Ideas? 

[bear]

May want to check your addons/plugins for WHMCS. I'd disable them temporarily and recheck. If it passes, enable one by one, checking after each one. 

[bitsbc]

I tried this but still get the same issue.... I tried disabling plugins/addons but no dice. Any thoughts?

[bear]

The report says three vendors, but shows only two. One says suspicious, the other malicious. 
Norton websafe also flags it: "Malicious Sources/Malnets". 

Does the other website on the account also get flagged?

Have you tried reaching out to virustotal to ask what is being flagged or why?

[bitsbc]

It's annoying... they haven't responded. Not sure what else I can do.... any other options for scanning online to find out what files could be infected? 

[bear]

It now shows 4 are unhappy with it. Is it possible the "phox" template has something to do with the issue?
You might consider changing that to a default, at least temporarily, and seeing about a rescan from them (there's a button for it). I don't know if it really checks real time (it may just ask various vendors their opinion), but worth a shot. 

You might also ask Bitdefender?
https://www.bitdefender.com/consumer/support/answer/29358/

Edited September 23, 2023 by bear