Back

GoDaddy flags PsySH as malware... anyone else seen this?


JohanTux posted 4 months ago

We've got a Laravel 5.4 app on shared hosting with GoDaddy, and today we got an "incident" email from GoDaddy security:

Our scans flagged your hosting account as containing known malware. Due to the negative impact to our systems, we've removed the following malware from your files:

/vendor/psy/psysh/src/Psy/Shell.php

They also flagged but did not remove:

/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php

I compared the source files on my app with a fresh laravel new project and they look to be the same.

Has anyone else seen anything like this?

(edited to fix subject)

GrahamCampbell replied 3 months ago

/vendor/psy/psysh/src/Psy/Shell.php

Not malware (unless your connection was compromised). You can verify this yourself by reading the source code.

/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php

That other file has absolutely nothing to do with Psy/Shell.php. In fact, you probably shouldn't even have that file on your production server. Install your dependencies using --no-dev.

Parth Trivedi replied 2 weeks ago

I also received a similar email from GoDaddy flagging the following files as malware.

public_html/app/vendor/psy/psysh/src/Psy/ExecutionLoop/ForkingLoop.php

public_html/app/vendor/psy/psysh/src/Psy/ExecutionLoop/Loop.php

It is the same package of Psy. Does anyone know how to resolve this?


Sign in to participate in this thread!



We'd like to thank these amazing companies for supporting us