Well known web host is scrubbing propellent.* from stored ZIP files

Hi folks, got a weird problem, wondering if anyone else has been affected by anything like this.
I have a low volume commercial RFID product designed around Prop1. My website includes a password protected folder for each customer where they can pick up their updates. The updates are ZIP files containing the new image, propellent.exe, propellent.dll, and a batch file. Been working this way for 10+ years.
Last month, GoDaddy went through and deleted propellent.exe and propellent.dll from _all_ my stored ZIPs. It left other EXE and DLL files in other ZIPs, but took out all my Parallax content. Now I can't upload new ZIPs containing propellent.exe and propellent.dll, but I can upload ZIPs with other EXE and DLL content. Renaming files does not help.
It looks to me like this web hosting company has decided that propellent.exe and propellent.dll contain some kind of malware or virus signature. Nobody there will admit to it. But I'm wondering if anyone here has experienced a similar prejudice against these excellent and necessary programs.

Comments

  • Try password-protecting the ZIP files themselves, too (you can do this with 7zip). That should stop your host from being able to look inside.
  • A web hosting company that thinks that a file may contain virus just because of its name, is a bogus company that doesn't know the first thing about web hosting. GoDaddy was always questionable, at best. You should change to FreeHostia, or simimal. GoDaddy is a joke.

    Kind regards, Samuel Lourenço
  • @Wuerfel_21: password protection is a good thought. I'd have to make them self extracting for the customers, but it could work.

    @samuell: I'll look up FreeHostia, thanks, but changing web services is no trivial task. I had to jump to GoDaddy a year ago when my old host broke down. They were great for over 10 years, but then sold, and the buyer fumbled the changeover. Also, GoDaddy removes the files based on content, not name. If it were deleting the files by name, the solution would be obvious. There is something about propellent.* that annoys their bot, whatever I call the files.

    Thank you for your thoughts on the matter.
  • @Wuerfel_21: password protection is a good thought. I'd have to make them self extracting for the customers, but it could work.

    Not even. I just tried it, Window's built-in ZIP handling can deal with encrypted files just fine, it just can't create them.
  • You could try throwing a byte-scrambling executable which scrambles propellant. If the web host does not go after that, then your end users could use that exe to descrambler and install.
  • try .rar , .tar ,...
    it is a different compression tool.
  • Thanks guys. I think encrypting the ZIP is going to be the answer. Say I get around the problem for now with tar, then they "fix" their malware engine next month and I'm in the same boat again. I've done a quick try and the encrypted zip stands up. I just have to tell the customers what the password is.

    @AwesomeCronk : neat idea but way more work than I have time for.
  • Gotcha! Well, good luck with this adventure!
  • evanhevanh Posts: 8,958
    edited 2019-12-14 - 00:19:58
    I remember it was all the rage to have self-decompressing executables so they could be packed onto a floppy. Doing that would probably work too. It's unlikely the bots will known how to decompress it since it'll appear to be an ordinary exe. And they won't try running it. No need for the password then.

    EDIT: Of course, the decompressor will have it's own recognisable signature so may also be a flagged type for auto-remove.

  • evanh wrote: »
    It's unlikely the bots will known how to decompress it since it'll appear to be an ordinary exe.

    Actually, it's quite likely they do. If you have 7zip installed, try opening all sorts of self-extracting archives and install wizards. You'll be suprised at how often it'll recognize the format.
  • evanhevanh Posts: 8,958
    edited 2019-12-14 - 00:45:09
    Does it dump suitable for a virus scan? And would GoDaddy be using it?
  • You can nest-zip the parallax files. Many AV programs will unzip nested archives up to a certain limit to scan their contents for viruses. Try including zip into zip eg five/six times.
  • Thanks guys. I think encrypting the ZIP is going to be the answer. Say I get around the problem for now with tar, then they "fix" their malware engine next month and I'm in the same boat again. I've done a quick try and the encrypted zip stands up. I just have to tell the customers what the password is.

    @AwesomeCronk : neat idea but way more work than I have time for.

    Also in this case you can make an encrypted archive inside an another (root) one.
    The root archive can self-extract it and launch a sort of installer exe or bat which know the password to extract the encrypted archive. The password here is only a workaround, it don't protect sensible information, so it could be always the same and written in clear in the batch file.
Sign In or Register to comment.