Uploading malware with Realweaver 6.4

Hello, I use RapidWeaver 6.4 with a Mobi template. I host my website on Yahoo, which has recently been spun off as Aabaco.

They have informed me that I have malware on my uploaded web files, and shut down my site. At their suggestion, I deleted all website files from their server, and then re-published my files. The files they are claiming to be malware are still uploading when I do a new upload.

I have just scanned my computer with a malware program and it says that I have no malware on my computer. Which is an iMac, 2008, running on 10.10.5.

I will attach a screen shot showing an index.html file within the styled-23 folder. A similar case is an index.php file within the contact-form folder. There are files like this within all of the website folders that RapidWeaver has uploaded. Aabaco claims that these are malware files.

Can you help me to understand this? Every time I re-upload my website files, they upload in this fashion. Am I uploading malware files with RapidWeaver, or is there another reason for this to be happening? How do I solve this problem? Your help is greatly appreciated!

Web Hosting.jpg1275x1650 146 KB

Maybe you could try uploading your files to an online malware scan site. I have never heard of this happening before. It will be difficult to tell you much more based on the information provided. Good luck to you… must be frustrating.

Sounds like a good idea, JohnJ. I checked a few sites like this just now, but you must provide the URL to scan. Aabaco has blocked my site so I can’t provide a URL. I’d have to upload my files to a site that could then scan it.

Just found a site named VirusTotal.com. I’ll try that one.

Tried scanning two files and they seemed fine. But I just noticed when looking through my Inspector that every file is named “index.html.” Every file in every folder. How can that be?

@bboross having lots of files named index.html is fine since they’re in different folders.

If you could zip up your project file and the exported files and share them with support@realmacsoftware.com (reference this thread in the email) and I’ll take a look at them for you on Monday if you’d like.

Check your .htaccess file also make sure that there is nothing in there that shouldn’t be creating files on your server.

The issue is not what you have uploaded. It more than likely some idiot hacked the server. Most likely the server is running windows as an operating system. I would find a different hosting provider. there are several on the forums I use Wehostmacs.com gut there are others around.

I am sure that RapidWeaver is not responsible for any malware on the server. That would only be possible when someone got access to your computer and has infected a RapidWeaver project. Never heard about that and I assume this is not possible.

The only reason für malware is that your webspace was infected. But after you have delete all files from the server, changed your password to your server and republished the project the problem should be fixed. If not and the server got reinfected, the hoster has a problem and is not able to protect the webspace he offers.

Thanks for this opinion - I agree. I scanned my computer with Dr. Safety and had no viruses. In RapidWeaver I changed all of the file names from index.html to more appropriate descriptions like videos.html, schedule.html, etc. Re-uploaded and after 80 minutes on hold I got Aabaco to check through and they said the website was OK except for the Contact file (contact.php), claiming that it was still infected. Two hours later the website was up and running, except for the contact form. After filling in the required fields, I press submit and it just seems to “reset” without sending the form, and the “your message has been sent” wording does not come up.

I will surely switch from Aabaco to another server sometime next week. Thanks to all for your comments and assistance!

I use Bluehost (switched from Webhostingpad) and am really pleased with the product. I opted for their Cloud Sites, but just because I wanted the extra speed.