Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. README files triggering Hostinger malware scanner

README files triggering Hostinger malware scanner

Scheduled Pinned Locked Moved Solved Support
anti-virus
10 Posts 5 Posters 269 Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      N Offline
      ntnsndr
      wrote last edited by joseph
      #1

      I've got my Cloudron running on a Hostinger VPS, and it has started getting the attention of Hostinger's built-in malware scanner.

      The files in question appear to be node-related README files on various apps. For instance, stuff like:

      /var/lib/docker/overlay2/126fc8372bdf65b1c50de1d1b818c4b69d05786ede10742be2ad17c2167cff23/diff/app/code/node_modules/devalue/README.md
      
      /var/lib/docker/overlay2/01a2a6266e84fe08aa03dcf6a3e2c43c48eefef48590ae04c84af4eae316a261/merged/app/code/node_modules/devalue/README.md
      

      I am not sure why they are being flagged. Can anyone confirm that I should not be concerned about this? Or otherwise?

      Thanks.

      J 1 Reply Last reply
      1
      • nebulonN Away
        nebulonN Away
        nebulon
        Staff
        wrote last edited by
        #2

        well since those are in app images which are read-only also, and actually just the Readme of that node_module, there is no reason for concern. I would be more concerned about the Hostinger malware scanner here. What is it and it scans the rootfs blindly of servers?

        1 Reply Last reply
        1
        • BrutalBirdieB Online
          BrutalBirdieB Online
          BrutalBirdie
          Partner
          wrote last edited by
          #3

          Seems like this is something you have to do yourself.
          So eh 🤷
          https://support.hostinger.com/en/articles/8450363-vps-malware-scanner

          Like my work? Consider donating a drink. Cheers!

          1 Reply Last reply
          1
          • N Offline
            N Offline
            ntnsndr
            wrote last edited by
            #4

            Thanks, @BrutalBirdie @nebulon, I appreciate your feedback. @nebulon are you implying this is a security concern? I share that and might just turn off the malware scanner.

            BrutalBirdieB nebulonN 2 Replies Last reply
            0
            • N ntnsndr

              Thanks, @BrutalBirdie @nebulon, I appreciate your feedback. @nebulon are you implying this is a security concern? I share that and might just turn off the malware scanner.

              BrutalBirdieB Online
              BrutalBirdieB Online
              BrutalBirdie
              Partner
              wrote last edited by
              #5

              @ntnsndr said in README files triggering Hostinger malware scanner:

              are you implying this is a security concern?

              I did not find any source code for Monarx what is behind the malware scanning of Hostinger.
              I know crowdsec.net and they are open.

              What am I trying to say with this?
              Well, there is an unknown entity on your server, that “I guess” has root level access to your data.
              Did you ever sign any GDPR complaince with this unknown entity? How is your data used?

              Let's take the 2024 CrowdStrike-related IT outages as a parallel example.
              Some Binary gets updated and shipped aaannnddd

              e97d1cf7-aa9d-4ef2-a8e2-c04b0a907a7e-image.png

              Like my work? Consider donating a drink. Cheers!

              1 Reply Last reply
              1
              • N ntnsndr

                Thanks, @BrutalBirdie @nebulon, I appreciate your feedback. @nebulon are you implying this is a security concern? I share that and might just turn off the malware scanner.

                nebulonN Away
                nebulonN Away
                nebulon
                Staff
                wrote last edited by
                #6

                @ntnsndr by virtue of having a server at that provider, you already trust that provider in the first place. So I wouldn't be worried about that aspect. I was more wondering about what other non-standard services they run on those VPS images which could interfere otherwise with the Cloudron system. Not saying that it is an issue, but just raising awareness, that this may be a source of irritation in the future.

                1 Reply Last reply
                3
                • J joseph marked this topic as a question
                • J joseph has marked this topic as solved
                • N ntnsndr

                  I've got my Cloudron running on a Hostinger VPS, and it has started getting the attention of Hostinger's built-in malware scanner.

                  The files in question appear to be node-related README files on various apps. For instance, stuff like:

                  /var/lib/docker/overlay2/126fc8372bdf65b1c50de1d1b818c4b69d05786ede10742be2ad17c2167cff23/diff/app/code/node_modules/devalue/README.md
                  
                  /var/lib/docker/overlay2/01a2a6266e84fe08aa03dcf6a3e2c43c48eefef48590ae04c84af4eae316a261/merged/app/code/node_modules/devalue/README.md
                  

                  I am not sure why they are being flagged. Can anyone confirm that I should not be concerned about this? Or otherwise?

                  Thanks.

                  J Online
                  J Online
                  joseph
                  Staff
                  wrote last edited by joseph
                  #7

                  @ntnsndr said in README files triggering Hostinger malware scanner:

                  I am not sure why they are being flagged

                  Can you ask Hostinger (and we can think about what to do)? README is just text files after all...

                  1 Reply Last reply
                  0
                  • N Offline
                    N Offline
                    ntnsndr
                    wrote last edited by
                    #8

                    @joseph Hostinger's responses was like "We're not responsible for our third-party scanning tool."

                    And @BrutalBirdie I guess it's good that the free version of Monarx at least can't (or supposedly doesn't) delete files autonomously?

                    robiR 1 Reply Last reply
                    0
                    • N ntnsndr

                      @joseph Hostinger's responses was like "We're not responsible for our third-party scanning tool."

                      And @BrutalBirdie I guess it's good that the free version of Monarx at least can't (or supposedly doesn't) delete files autonomously?

                      robiR Offline
                      robiR Offline
                      robi
                      wrote last edited by
                      #9

                      @ntnsndr said in README files triggering Hostinger malware scanner:

                      Hostinger's responses was like "We're not responsible for our third-party scanning tool."

                      Then you should be able to opt out of this service you did not request.

                      Conscious tech

                      N 1 Reply Last reply
                      0
                      • robiR robi

                        @ntnsndr said in README files triggering Hostinger malware scanner:

                        Hostinger's responses was like "We're not responsible for our third-party scanning tool."

                        Then you should be able to opt out of this service you did not request.

                        N Offline
                        N Offline
                        ntnsndr
                        wrote last edited by
                        #10

                        @robi Thanks—yes, I uninstalled it.

                        1 Reply Last reply
                        3
                        Reply
                        • Reply as topic
                        Log in to reply
                        • Oldest to Newest
                        • Newest to Oldest
                        • Most Votes


                          • Login

                          • Don't have an account? Register

                          • Login or register to search.
                          • First post
                            Last post
                          0
                          • Categories
                          • Recent
                          • Tags
                          • Popular
                          • Bookmarks
                          • Search