README files triggering Hostinger malware scanner
-
I've got my Cloudron running on a Hostinger VPS, and it has started getting the attention of Hostinger's built-in malware scanner.
The files in question appear to be node-related README files on various apps. For instance, stuff like:
/var/lib/docker/overlay2/126fc8372bdf65b1c50de1d1b818c4b69d05786ede10742be2ad17c2167cff23/diff/app/code/node_modules/devalue/README.md
/var/lib/docker/overlay2/01a2a6266e84fe08aa03dcf6a3e2c43c48eefef48590ae04c84af4eae316a261/merged/app/code/node_modules/devalue/README.md
I am not sure why they are being flagged. Can anyone confirm that I should not be concerned about this? Or otherwise?
Thanks.
-
Well, since those are in app images, which are also read-only, and are actually just the README of that node module, there is no reason for concern. I would be more concerned about the Hostinger malware scanner here. What is it, and does it blindly scan the rootfs of servers?
-
Seems like this is something you have to do yourself.
So eh
https://support.hostinger.com/en/articles/8450363-vps-malware-scanner
-
Thanks, @BrutalBirdie @nebulon, I appreciate your feedback. @nebulon are you implying this is a security concern? I share that and might just turn off the malware scanner.
@ntnsndr said in README files triggering Hostinger malware scanner:
are you implying this is a security concern?
I did not find any source code for Monarx, which is behind the malware scanning of Hostinger.
I know crowdsec.net and they are open.
What am I trying to say with this?
Well, there is an unknown entity on your server that, “I guess”, has root-level access to your data.
Did you ever sign any GDPR compliance with this unknown entity? How is your data used?
Let's take the 2024 CrowdStrike-related IT outages as a parallel example.
Some binary gets updated and shipped aaannnddd
-
@ntnsndr by virtue of having a server at that provider, you already trust that provider in the first place. So I wouldn't be worried about that aspect. I was more wondering about what other non-standard services they run on those VPS images which could interfere otherwise with the Cloudron system. Not saying that it is an issue, but just raising awareness, that this may be a source of irritation in the future.
-
@joseph Hostinger's response was like "We're not responsible for our third-party scanning tool."
And @BrutalBirdie I guess it's good that the free version of Monarx at least can't (or supposedly doesn't) delete files autonomously?
-
@ntnsndr said in README files triggering Hostinger malware scanner:
Hostinger's response was like "We're not responsible for our third-party scanning tool."
Then you should be able to opt out of this service you did not request.