Malicious Code detected generated error page

Question

We started getting an error page when we post iframes or scripts on our sites. Whether it's from the admin or a test script on a "test.php" page.

The problem is we don't know what is generating this page. From all my research it seems like it's the HEADERS that are set in Apache that could be triggering this error.

My question is, what module or configuration do you think is generating this page? Have you ever seen a page like this? I Googled the error message and cannot find any article that matches.

Attached are two screenshots. One of the error page in my browser and one of the sourcecode of that page.

https://ibb.co/7YTK3g7 https://ibb.co/HgzhwVm

My .htaccess also has nothing related to any headers. Just basic rewrite rules.

Here is more information:

Server version: Apache/2.4.25 (Debian) PHP 7.2

/usr/sbin/apache2 -l

Compiled in modules:
  core.c
  mod_so.c
  mod_watchdog.c
  http_core.c
  mod_log_config.c
  mod_logio.c
  mod_version.c
  mod_unixd.c

apachectl -M

Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cloudflare_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 passenger_module (shared)
 php7_module (shared)
 proxy_module (shared)
 python_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)

I commented out these Headers from my Apache file.

apache2.conf - all commented out

#Header always set x-xss-protection "1; mode=block"
#Header always set x-frame-options "SAMEORIGIN"
#Header always set X-Content-Type-Options "nosniff"
#Header always set Strict-Transport-Security "max-age=31536000; preload"
#Header always set X-Permitted-Cross-Domain-Policies "none"
#Header always set Referrer-Policy "no-referrer"

They used to be there and I suspect it may come from this but even with these commented out, restarting Apache, changing browsers (trying incognito) I still get the same error page.

Any help is appreciated.

Thank you

I understand where you got that from but I have never heard or installed anything remotely related to cloudbric. Is there anything in those modules that you think could be? — Melonheadjr44, Feb 13 '19 at 21:01

score 0 · Answer 1 · answered Feb 13 '19 at 21:33

0

Seems like it's a CloudFlare issue. I will follow up with them.

answered Feb 13 '19 at 21:33

Melonheadjr44

21
2

Malicious Code detected generated error page

1 Answers1