S3Bubble OTT Streaming


S3Bubble Support Forums


Are you aware of this re Wordfence plugin alert…

    • #31060
      Jay
      Participant

      Hi Guys,

      I emailed you at support last month but did not get any response. So I am using this to let you know of an issue that is being flagged by a major third-party security site called Wordfence…

      For the past two months they have had the S3 Bubble plugin on their TOP alert list for security issues. You can find the details here:

      The July 2017 WordPress Attack Report

      (scroll down to “ATTACKS ON PLUGINS”)

      Are you aware of this? And if so, can you throw any light on why S3 is in this alert (for the past 2 months that I am aware of)?

      I am keen to come onboard but wanted to check this out with you, before joining.

      Thanks,
      Jay

    • #31061
      s3bubble
      Keymaster

      Hi Jay,

      Yes, we are aware of this. The plugin in question only ever had 10 downloads 2 years ago and is not even listed on the WordPress plugin repo; it was removed months ago. I have no idea where the stats are coming from. We contacted the guys at Wordfence, who responded and basically said it must have been added to a hacker list (full email conversation below), so it’s out of our hands unfortunately, but I can assure you it has nothing to do with our main plugin. Feel free to check, though.

      Plugin on WordFence
      https://wordpress.org/plugins/search/s3bubble-amazon-s3-html-5-video-with-adverts/

      Our main plugin
      https://wordpress.org/plugins/s3bubble-amazon-web-services-oembed-media-streaming-support/

      Best Regards

      Sam

      • This reply was modified 6 years, 7 months ago by s3bubble.
    • #31065
      s3bubble
      Keymaster

      Here is our full conversation with Wordfence if you are interested.

      Us

      Hi All,

      Can you please remove our plugin from this list.

      The March 2017 WordPress Attack Report

      Plugin link.

      https://wordpress.org/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/

      This plugin has been removed for nearly over 2 years now, and we just had a user saying it is showing in the March most hacked plugins list. It only had 10 active installs and we updated it 2 years ago.

      People are now confusing this with our service. It is affecting our service. Please, I hope you can remove this as soon as possible.

      Best Regards

      Sam

      Them

      Hi Sam,
      Thanks for reaching out to us. Our monthly attack report is based on real data, so those attacks are happening. It’s likely that they are attacking an old version that had a vulnerability, trying to find sites running out-of-date software. We’ll update our post to remind people of that fact.
      Best regards,
      Dan

      Us

      Hi Dan,

      Thanks for your response. That plugin only ever had 10 active installs and hasn’t been updated for over 2 years.

      When you say they are attacking an old version, does this mean one of the 10 people that installed it? Just our users are confusing this with our main plugin.

      Best Regards

      Sam

      Them

      Hi Sam,
      That is odd. I took a closer look at the data and can share a couple of things. The attack requests all look very similar, trying to download the wp-config.php file from the web server. They are originating from a wide variety of IP addresses. I’m only speculating here, but it seems likely that someone added the exploit to a list that is being shared among attackers or something. I hope that helps.
      Best regards,
      Dan

      Us

      Hi Dan,

      Thanks for taking a look. When you state this:

      “The attack requests all look very similar, trying to download the wp-config.php file from the web server.”

      Can you suggest ways to resolve this? I had a user today stating that the plugin was 12th on your March most hacked list for this year. I had completely forgotten about that plugin, to be honest; it’s so old and we removed all the data. Only 10 installs and over 2 years old, and it’s number 12 for your most hacked plugins this year. I’m just confused.

      I have spoken to WordPress and they are going to fully remove it from the repo. It must be working from very old data. I would really like to resolve this.

      Best Regards

      Sam

      Then radio silence, nothing back…

      • This reply was modified 6 years, 7 months ago by s3bubble.
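
An added example, not part of the original thread or of S3Bubble's or Wordfence's code: a site owner can check their own access log for the pattern Dan describes (requests under the retired plugin's directory that try to fetch wp-config.php) and see whether any were answered. The Combined Log Format, the sample lines, `placeholder.php` and the `f` parameter are assumptions constructed for illustration; the plugin slug comes from the wordpress.org URL in the thread.

```python
import re
from urllib.parse import unquote

# Slug of the retired plugin, taken from the wordpress.org URL quoted in the thread.
PLUGIN_SLUG = "s3bubble-amazon-s3-html-5-video-with-adverts"
TARGET = "wp-config.php"
# Combined Log Format: ip ident user [time] "METHOD uri PROTO" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) (\S+)')

def decode(uri, rounds=3):
    """Undo up to `rounds` layers of percent-encoding, then lowercase."""
    for _ in range(rounds):
        nxt = unquote(uri)
        if nxt == uri:
            break
        uri = nxt
    return uri.lower()

def scan(lines):
    """Summarise requests that name both the plugin directory and wp-config.php."""
    probes, served, sources = 0, [], set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, uri, status, size = m.groups()
        path = decode(uri)
        if f"/plugins/{PLUGIN_SLUG}/" not in path or TARGET not in path:
            continue
        probes += 1
        sources.add(ip)
        # A 200 with a body means something under the plugin path answered: investigate.
        if status == "200" and size not in ("-", "0"):
            served.append(ip)
    return {"probes": probes, "sources": len(sources), "served": served}

# Constructed sample lines; placeholder.php and the f= parameter are hypothetical.
BASE = f"/wp-content/plugins/{PLUGIN_SLUG}/placeholder.php?f="
SAMPLE = [
    f'192.0.2.10 - - [12/Jul/2017:10:01:02 +0000] "GET {BASE}../../wp-config.php HTTP/1.1" 404 162',
    f'198.51.100.7 - - [12/Jul/2017:10:03:40 +0000] "GET {BASE}..%2F..%2Fwp%2Dconfig%2Ephp HTTP/1.1" 404 162',
    f'203.0.113.5 - - [12/Jul/2017:10:09:11 +0000] "GET {BASE}%252e%252e%252fwp%252dconfig.php HTTP/1.1" 200 3120',
    '192.0.2.44 - - [12/Jul/2017:10:11:00 +0000] "GET /wp-config.php HTTP/1.1" 403 199',
    '192.0.2.10 - - [12/Jul/2017:10:12:30 +0000] "GET /wp-content/plugins/s3bubble-amazon-web-services-oembed-media-streaming-support/readme.txt HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

On a site where the retired plugin was never installed, every probe should return 404; any entry in `served` means the plugin directory still exists on disk and should be removed.
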
    • #31073
      Jay
      Participant

      Hi Sam,

      Great… this clears it up and was needed, as I am sure other people have seen the report and yes, it would put them off for sure. Good to have this thread to throw light on the explained and obvious error.

      It seems this confusion had been needing to be addressed. Good to get it out in the open for all to see.

      I would suggest perhaps a comment is posted on the related Wordfence blog posts with a link back to this thread if possible.

      Nice one Sam!

      Best Regards,

      Jay.

    • #31087
      s3bubble
      Keymaster

      Hi Jay,

      Yes, thanks, you’re right. I’ll leave this post open for other users.

      Best Regards

      Sam

  • The forum ‘General Questions & Bugs’ is closed to new topics and replies.