S3Bubble WordPress Video Streaming


Are you aware of this re Wordfence plugin alert…

This topic contains 4 replies, has 2 voices, and was last updated by  s3bubble 1 year, 8 months ago.

  • #31060

    Jay
    Participant

    Hi Guys,

    I emailed you at support last month but did not get any response. So I am using this to let you know of an issue that is being flagged by a major 3rd party security site called Wordfence…

    For the past two months they have S3 bubble plugin added to their TOP alert list for security issues. You can find the details here:

    The July 2017 WordPress Attack Report

    (scroll down to “ATTACKS ON PLUGINS”)

    Are you aware of this? And if so, can you throw any light on why S3 is in this alert (for the past 2 months that I am aware of)?

    I am keen to come onboard but wanted to check this out with you, before joining.

    Thanks,
    Jay

  • #31061

    s3bubble
    Keymaster

    Hi Jay,

    Yes, we are aware of this. The plugin in question only ever had 10 downloads 2 years ago and is not even listed on the WordPress plugin repo; it was removed months ago. I have no idea where the stats are coming from. We contacted the guys at Wordfence, who responded and basically said it must have been added to a hacker list (full email conversation below), so it’s out of our hands unfortunately, but I can assure you it has nothing to do with our main plugin. Feel free to check, though.

    Plugin on WordFence
    https://wordpress.org/plugins/search/s3bubble-amazon-s3-html-5-video-with-adverts/

    Our main plugin
    https://wordpress.org/plugins/s3bubble-amazon-web-services-oembed-media-streaming-support/

    Best Regards

    Sam

    • This reply was modified 1 year, 8 months ago by  s3bubble.
  • #31065

    s3bubble
    Keymaster

    Here is our full conversation with Wordfence if you are interested.

    Us

    Hi All,

    Can you please remove our plugin from this list.

    The March 2017 WordPress Attack Report

    Plugin link.

    https://wordpress.org/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/

    This plugin has been removed for nearly over 2 years now and we just had a user saying it is showing in the March most hacked plugins list. It only had 10 active installs and we updated it 2 years ago.

    People are now confusing this with our service. It is affecting our service. Please, I hope you can remove this as soon as possible.

    Best Regards

    Sam

    Them

    Hi Sam,
    Thanks for reaching out to us. Our monthly attack report is based on real data, so those attacks are happening. It’s likely that they are attacking an old version that had a vulnerability, trying to find sites running out-of-date software. We’ll update our post to remind people of that fact.
    Best regards,
    Dan

    Us

    Hi Dan,

    Thanks for your response. That plugin only ever had 10 active installs and hasn’t been updated for over 2 years.

    When you say they are attacking an old version, does this mean one of the 10 people that installed it? Just our users are confusing this with our main plugin.

    Best Regards

    Sam

    Them

    Hi Sam,
    That is odd. I took a closer look at the data and can share a couple of things. The attack requests all look very similar, trying to download the wp-config.php file from the web server. They are originating from a wide variety of IP addresses. I’m only speculating here, but it seems likely that someone added the exploit to a list that is being shared among attackers or something. I hope that helps.
    Best regards,
    Dan

    Us

    Hi Dan,

    Thanks for taking a look. When you state this:

    “The attack requests all look very similar, trying to download the wp-config.php file from the web server.”

    Can you suggest ways to resolve this? I had a user today stating that the plugin was 12th on your March most hacked list for this year. I had completely forgotten about that plugin, to be honest; it’s so old and we removed all the data. Only 10 installs and over 2 years old, and it is number 12 for your most hacked plugins this year. I’m just confused.

    I have spoken to WordPress and they are going to fully remove it from the repo. It must be working from very old data. I would really like to resolve this.

    Best Regards

    Sam

    Then radio silence, nothing back…

    • This reply was modified 1 year, 8 months ago by  s3bubble.
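For site owners who want to check their own access logs for the kind of request Dan describes above (attempts to download wp-config.php, coming from many IP addresses), here is an added example that is not part of the original thread and not S3Bubble or Wordfence code. The log lines are constructed: the plugin slug is the one linked in the thread, while `placeholder.php`, the `file` parameter and the IP addresses are assumptions, since the thread does not give the actual request format.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Combined Log Format: ip - - [ts] "METHOD target PROTO" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)')
PLUGIN_RE = re.compile(r'/wp-content/plugins/([^/?]+)/')
SLUG = "s3bubble-amazon-s3-html-5-video-with-adverts"  # slug linked in the thread
BASE = f"/wp-content/plugins/{SLUG}/placeholder.php?file="  # hypothetical endpoint

# Constructed sample lines (documentation IP ranges, invented timestamps).
SAMPLE_LOG = [
    f'192.0.2.10 - - [01/Jul/2017:10:00:00 +0000] "GET {BASE}../../wp-config.php HTTP/1.1" 404 512',
    f'198.51.100.7 - - [01/Jul/2017:10:02:11 +0000] "GET {BASE}..%2F..%2Fwp-config.php HTTP/1.1" 404 512',
    f'203.0.113.5 - - [01/Jul/2017:10:05:42 +0000] "GET {BASE}%252e%252e%252fwp-config.php HTTP/1.1" 200 3120',
    '192.0.2.10 - - [01/Jul/2017:10:06:00 +0000] "GET /index.php HTTP/1.1" 200 1024',
]

def fully_decode(target, max_rounds=3):
    """Percent-decode repeatedly so double-encoded targets are seen too."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def find_wp_config_probes(lines):
    """Return {plugin_slug: {"ips": set, "hits": int, "served": int}}."""
    report = defaultdict(lambda: {"ips": set(), "hits": 0, "served": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        ip, _method, target, status, _size = m.groups()
        decoded = fully_decode(target).lower()
        if "wp-config.php" not in decoded:
            continue
        slug = PLUGIN_RE.search(decoded)
        entry = report[slug.group(1) if slug else "(no plugin path)"]
        entry["ips"].add(ip)
        entry["hits"] += 1
        if status == "200":
            entry["served"] += 1  # the server answered; inspect what it returned
    return dict(report)

if __name__ == "__main__":
    for slug, info in find_wp_config_probes(SAMPLE_LOG).items():
        print(slug, "hits:", info["hits"], "ips:", len(info["ips"]), "200s:", info["served"])
```

Hits that only ever return 404 mean the requested plugin file is not present on the site; any 200 response is worth a closer look at what was actually served.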
  • #31073

    Jay
    Participant

    Hi Sam,

    Great.. this clears it up and was needed, as I am sure other people have seen the report and yes it would put them off for sure. Good to have this thread to throw light on the explained and obvious error.

    It seems this confusion had been needing to be addressed. Good to get it out in the open for all to see.

    I would suggest perhaps a comment is posted on the related Wordfence blog posts with a link back to this thread if possible.

    Nice one Sam!

    Best Regards,

    Jay.

  • #31087

    s3bubble
    Keymaster

    Hi Jay,

    Yes, thanks, you’re right. I’ll leave this post open for other users.

    Best Regards

    Sam
