So this is strange.
I’ve recently started posting my Discourse comments on my webcomic site using WP-Discourse. A reader commented on my site (Wordpress install) that he got a Hijack report from his anti-virus software (Malwarebytes) when visiting my most current page.
He copy-pasted the report. It was in Polish, but I recognized the Digital Ocean IP address of my Discourse forum.
I had my assistant download the Malwarebytes software, and she got this report:
I literally just upgraded my Discourse site and all the plugins when I got the Discourse update email yesterday afternoon—a couple hours before getting that comment from my reader. I have (what I think is) a fairly vanilla install of Discourse—no themes, and just with these (I think all official) plugins installed:
I know Discourse is super on-top-of security. I did a search on malware here on this forum, and only found one post from 2016 that seemed like it could have been a false positive.
I’m not sure what to do here. Malwarebytes seems like a legit company that’s been around for ten years. If it’s blocking my Wordpress webcomic site for all its users because of the Discourse comments, I obviously need to figure this out. Especially if this isn’t a false positive.
Any help would be greatly appreciated. Thanks!