Does it say anything about the malware it has detected? I donât see any malware in the original file, so make sure the file hasnât been tampered with. If it isnât it might be a false positive and you should contact GoDaddy support to ask for more information.
As @josklever pointed out above it looks like the plugin in question is Activity Log for MainWP, a third-party extension developed and maintained by the Melapress team.
However, that plugin (which we also refer to as a MainWP extension) shouldnât be installed on the child sites (your clientâs sites) but only on the MainWP Dashboard.
Did you perhaps install it on your child sites? If so, please remove it.
We have contacted the Melapress team, and they will look into this further.
We manually went into each site and removed the plugin
To be honest, not quite sure how this plugin got installed on all websites, I think it was an option in pro reports or when we were adding child sites, we added quite a few yesterday.
I was also note entirely sure how to remove plugins across all websites in one click via mainwp so we just did it manually an re-synced all
The Pro Reports extension will suggest to install MainWP Child Reports plugin on child sites which works in tandem with Pro Reports.
However, MainWP does not suggest at any point to install Activity Log for MainWP extension to your child sites.
For future reference, you can find information here on deleting plugins in bulk:
What is strange, we didnât install this plugin on any sites manually or directly, only we manage the websites, the site owners or any other developer doesnât access them⌠and we only accessed the websites via mainwp, so somewhere along the line, it got installed via mainwp â also note, that plugin was on ALL websites we connected to mainwp.
Need to trace back to see where and how that got activated.
I would suggest asking GoDaddy support what triggered their security systems to flag this file.
Also, I texted the plugin author, and as soon as he is available, I believe he will reply here. I assumed he would have more info about it, but not sure yet.
On the other hand, I am not sure how this plugin (extension) could get installed on all your websites.
MainWP plugin itself does not have any feature that would do that. There is no code that âauto-installsâ any plugin before MainWP Dashboard user executes the process.
I also checked the Activity Log for MainWP extension and found nothing that would do it.
This is the first time we have had something like this reported. There are 20K+ active installs for MainWP Dashboard from users like you, with over 600K managed child sites, and no one has reported this problem. So, I am sure that the MainWP plugin did not play any role on its own in installing the mentioned plugin on all your Child sites.
I would strongly suggest reviewing server logs so you can get to the bottom of it and figure out how the plugin got installed.
I am Robert from Melapress. A quick update from our end:
It seems that this report is about our MainWP Extension; Activity Log for MainWP.
This should only be installed on the MainWP dashboard, and not on child websites.
By coincidence we are working on an update and I can confirm that there is no malware in that file. Maybe the functionality that triggers the file download has triggered this?
As @bogdan said, can you please ask GoDaddy to be more specific and advise what is triggering this report?
Also, this plugin should not be installed on child websites, but only on the MainWP dashboard. The fact that it is installed on child websites is either a mistake or there is something fishy.
Please drop us an update as soon as you hear back from GoDaddy. Also, would you be able to send me a copy of that file in question so we take a look? Did you compare it to the original one on the repo?