Why is Adminer detected as malware by Imunify and how to resolve this?

Issue

Adminer.php, a single-page database administration tool, is detected as malware by Imunify and is automatically removed.

Environment

• Adminer.php
• Any control panel.
• Any OS.
• Imunify360/AV.

Solution

While it's advisable to use more secure database managers provided by the control panel, if you've downloaded the script from the official website and are using it for legitimate purposes on the server, you can whitelist the path to the script in both Proactive Defense and Imunify Scanner.

To do this, go to:
Imunify360 UI > Proactive Defense and Imunify UI > Malware Scanner > Ignore List.

Cause

Adminer is a single-page database management application that could be easily exploited to grant hackers access to databases, perform SQL injections, or install backdoors on the server. Due to its potential risk and the fact that it is often injected into servers for malicious purposes, Adminer's vulnerable code has been classified as malware. This classification is meant to protect Imunify users and their businesses from the potential damage the application may cause.

Useful links

• https://docs.imunify360.com/dashboard/#proactive-defense
• https://docs.imunify360.com/user_interface/#ignore-list