Test files can cause "Trojan" warnings on some systems #1292

New Issue

Closed

opened 2026-02-05 00:30:55 +03:00 by OVERLORD · 20 comments

OVERLORD commented 2026-02-05 00:30:55 +03:00

Owner

Copy Link

Originally created by @infario on GitHub (Aug 2, 2019).

While I tried to install this on my server my cpanel antivirus reported trojan virus infection this source files

Originally created by @infario on GitHub (Aug 2, 2019). While I tried to install this on my server my cpanel antivirus reported trojan virus infection this source files

OVERLORD added the 🔧 Maintenance:octocat: Admin/Meta labels 2026-02-05 00:30:55 +03:00

OVERLORD closed this issue 2026-02-05 00:30:57 +03:00

OVERLORD commented 2026-02-05 00:31:05 +03:00

Author

Owner

Copy Link

@Abijeet commented on GitHub (Aug 2, 2019):

Hi @infario

Can you add some more info or logs from the antivirus?

@Abijeet commented on GitHub (Aug 2, 2019): Hi @infario Can you add some more info or logs from the antivirus?

OVERLORD commented 2026-02-05 00:31:12 +03:00

Author

Owner

Copy Link

@infario commented on GitHub (Aug 2, 2019):

The file you uploaded, BookStack-master.zip, contains a virus so the upload was canceled: Win.Trojan.Hide-2 FOUND

@infario commented on GitHub (Aug 2, 2019):  The file you uploaded, BookStack-master.zip, contains a virus so the upload was canceled: Win.Trojan.Hide-2 FOUND

OVERLORD commented 2026-02-05 00:31:15 +03:00

Author

Owner

Copy Link

@Abijeet commented on GitHub (Aug 2, 2019):

Can you share what hosting provider you use? Any ideas about what AV software they use?

On a side note, you can download the latest release of BookStack from the release section here - https://github.com/BookStackApp/BookStack/releases

The master branch is for development purpose.

@Abijeet commented on GitHub (Aug 2, 2019): Can you share what hosting provider you use? Any ideas about what AV software they use? On a side note, you can download the latest release of BookStack from the release section here - https://github.com/BookStackApp/BookStack/releases The master branch is for development purpose.

OVERLORD commented 2026-02-05 00:31:17 +03:00

Author

Owner

Copy Link

@infario commented on GitHub (Aug 2, 2019):

I tried the release BookStack Beta v0.26.3 and still get same error. We use Panel secure hosting. I guess they are using ClamAV Antivirus

@infario commented on GitHub (Aug 2, 2019): I tried the release BookStack Beta v0.26.3 and still get same error. We use Panel secure hosting. I guess they are using ClamAV Antivirus

OVERLORD commented 2026-02-05 00:31:19 +03:00

Author

Owner

Copy Link

@dawolf commented on GitHub (Aug 2, 2019):

Automated malware scanners seem to pick up files in the /tests/test-data directory.

./tests/test-data/bad.php: Win.Trojan.Hide-2 FOUND
./tests/test-data/bad.phtml: Win.Trojan.Hide-2 FOUND

@dawolf commented on GitHub (Aug 2, 2019): Automated malware scanners seem to pick up files in the `/tests/test-data` directory. ``` ./tests/test-data/bad.php: Win.Trojan.Hide-2 FOUND ./tests/test-data/bad.phtml: Win.Trojan.Hide-2 FOUND ```

OVERLORD commented 2026-02-05 00:31:22 +03:00

Author

Owner

Copy Link

@infario commented on GitHub (Aug 2, 2019):

Can i delete "tests" folder and upload?

@infario commented on GitHub (Aug 2, 2019): Can i delete "tests" folder and upload?

OVERLORD commented 2026-02-05 00:31:30 +03:00

Author

Owner

Copy Link

@Abijeet commented on GitHub (Aug 2, 2019):

@infario - Yes that should work fine.

@Abijeet commented on GitHub (Aug 2, 2019): @infario - Yes that should work fine.

OVERLORD commented 2026-02-05 00:31:33 +03:00

Author

Owner

Copy Link

@infario commented on GitHub (Aug 2, 2019):

Yes now the virus error gone. Thanks @dawolf and @Abijeet

@infario commented on GitHub (Aug 2, 2019): Yes now the virus error gone. Thanks @dawolf and @Abijeet

OVERLORD commented 2026-02-05 00:31:35 +03:00

Author

Owner

Copy Link

@Abijeet commented on GitHub (Aug 2, 2019):

Re-opening this in order to bring to @ssddanbrown's attention, and maybe make a more long term fix.

@Abijeet commented on GitHub (Aug 2, 2019): Re-opening this in order to bring to @ssddanbrown's attention, and maybe make a more long term fix.

OVERLORD commented 2026-02-05 00:31:38 +03:00

Author

Owner

Copy Link

@dawolf commented on GitHub (Aug 2, 2019):

These files should be removed from the release if they get picked up by malware scanners.

edit: ninja'd by @Abijeet

@dawolf commented on GitHub (Aug 2, 2019): These files should be removed from the release if they get picked up by malware scanners. edit: ninja'd by @Abijeet

OVERLORD commented 2026-02-05 00:31:41 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Aug 3, 2019):

Thanks @Abijeet for responding to this.

Yeah, Once we get to a point where we have packaged releases then the test files should not be included. GitHub just provides the current zip as a straight ZIP of the source. Have updated the title and will leave this open as a reminder for when we come to change the release process.

@ssddanbrown commented on GitHub (Aug 3, 2019): Thanks @Abijeet for responding to this. Yeah, Once we get to a point where we have packaged releases then the test files should not be included. GitHub just provides the current zip as a straight ZIP of the source. Have updated the title and will leave this open as a reminder for when we come to change the release process.

OVERLORD commented 2026-02-05 00:31:44 +03:00

Author

Owner

Copy Link

@LordSimal commented on GitHub (Sep 14, 2019):

I just want to mention, that my hoster https://all-inkl.com/ reported those 2 PHP files as described above.
I now have deleted the tests folder but a "real solution" would be nice.

@LordSimal commented on GitHub (Sep 14, 2019): I just want to mention, that my hoster https://all-inkl.com/ reported those 2 PHP files as described above. I now have deleted the tests folder but a "real solution" would be nice.

OVERLORD commented 2026-02-05 00:31:46 +03:00

Author

Owner

Copy Link

@stenootje commented on GitHub (Apr 9, 2020):

April 2020 and this is still not removed... why?
even more, why is this included? a php-file and phtml-file that are images!!

@stenootje commented on GitHub (Apr 9, 2020): April 2020 and this is still not removed... why? even more, why is this included? a php-file and phtml-file that are images!!

OVERLORD commented 2026-02-05 00:31:49 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Apr 9, 2020):

April 2020 and this is still not removed... why?

@stenootje Because we have not developed a packaged release system yet.

even more, why is this included? a php-file and phtml-file that are images!!

Because we have tests to ensure these types of files cannot be uploaded.

@ssddanbrown commented on GitHub (Apr 9, 2020): > April 2020 and this is still not removed... why? @stenootje Because we have not developed a packaged release system yet. > even more, why is this included? a php-file and phtml-file that are images!! Because we have tests to ensure these types of files cannot be uploaded.

OVERLORD commented 2026-02-05 00:31:51 +03:00

Author

Owner

Copy Link

@stenootje commented on GitHub (Apr 9, 2020):

so this directory can be removed from installation without causing other problems?

@stenootje commented on GitHub (Apr 9, 2020): so this directory can be removed from installation without causing other problems?

OVERLORD commented 2026-02-05 00:31:54 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Apr 9, 2020):

@stenootje The directory can be removed. If you installed using git clone to pull down the files, then it's possible you may get some warnings or error when pulling down the code for an update.

@ssddanbrown commented on GitHub (Apr 9, 2020): @stenootje The directory can be removed. If you installed using `git clone` to pull down the files, then it's possible you may get some warnings or error when pulling down the code for an update.

OVERLORD commented 2026-02-05 00:31:57 +03:00

Author

Owner

Copy Link

@LordSimal commented on GitHub (Apr 9, 2020):

If these files are "just" to test the upload (while developing) why does it have to be in a production environment?
Could this be solved with a production and development branch?

@LordSimal commented on GitHub (Apr 9, 2020): If these files are "just" to test the upload (while developing) why does it have to be in a production environment? Could this be solved with a production and development branch?

OVERLORD commented 2026-02-05 00:32:04 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Apr 9, 2020):

If these files are "just" to test the upload (while developing) why does it have to be in a production environment?

It's ideal to be able to run the tests against the exact branch of code that people are using, They'll never run in production but they're useful to be there.

Could this be solved with a production and development branch?

Yeah, most likely. We pretty much already have that with master as our development branch and release as our production branch, is just working around the above (ensure we're testing production-intended code) and putting process in place. Just wasn't looking to spend time updating our dev/release process to account for just this since I ultimately want to change the release process anyway.

@ssddanbrown commented on GitHub (Apr 9, 2020): > If these files are "just" to test the upload (while developing) why does it have to be in a production environment? It's ideal to be able to run the tests against the exact branch of code that people are using, They'll never run in production but they're useful to be there. > Could this be solved with a production and development branch? Yeah, most likely. We pretty much already have that with `master` as our development branch and `release` as our production branch, is just working around the above (ensure we're testing production-intended code) and putting process in place. Just wasn't looking to spend time updating our dev/release process to account for just this since I ultimately want to change the release process anyway.

OVERLORD commented 2026-02-05 00:32:07 +03:00

Author

Owner

Copy Link

@liudass84 commented on GitHub (May 12, 2020):

FILE HIT LIST:
{CAV}Win.Trojan.Hide-2 : /.../tests/test-data/bad.php
{CAV}Win.Trojan.Hide-2 : /.../tests/test-data/bad.phtml

@liudass84 commented on GitHub (May 12, 2020): FILE HIT LIST: {CAV}Win.Trojan.Hide-2 : /.../tests/test-data/bad.php {CAV}Win.Trojan.Hide-2 : /.../tests/test-data/bad.phtml

OVERLORD commented 2026-02-05 00:32:12 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Feb 6, 2021):

Within f25e585008 I've re-worked these files for our testing usage to avoid them getting picked up by AV, Have tested with ClamAV. Will be part of the next feature release.

@ssddanbrown commented on GitHub (Feb 6, 2021): Within f25e585008178010c5fede256b4d9e7638da1070 I've re-worked these files for our testing usage to avoid them getting picked up by AV, Have tested with ClamAV. Will be part of the next feature release.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

further_theme_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

No Label :octocat: Admin/Meta 🔧 Maintenance

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1292