Posted

Hello.

Apparently I have a problem with Tracy adminer.
Presently using the latest PW version + PHP 8.5 in my development installation.
At the time of the problem, I don't know what TracyDebugger version I was using. PHP was 8.0 or lower.

The problem: I received an email from the server support, saying something like (translated) "Please be advised that the account ‘rumors.pt’ has been found to be overloading the system. You must urgently check and rectify the website’s security."
The site is down (I suppose it is suspended for security reasons). Before asking the server admin to reopen it, I would like to know if other similar cases were reported, and, if that's the case, to have your opinion.
Here is the Imunify360 log from the server:

| Malicious | Reason | Status | Actions |
|---|---|---|---|
| /home/c0010270/.trash/site.1/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed (Scan type: background; Cleaned 12 days ago; Original (infected) file will be removed in 2 days) | |
| /home/c0010270/.trash/site.2/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/.trash/site.3/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/.trash/site.4/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/.trash/site/assets/cache/FileCompiler/site/modules/TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/.trash/site/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/.trash/site/modules/TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |
| /home/c0010270/rumor.rumors.pt/site/modules/.TracyDebugger/panels/Adminer/adminer-4.8.1-mysql.php | SMW-BLKH-SA-CLOUDAV-php.admin.tool.db.adminer-NP118-3 | Content removed | |

Remarks:
1) A (new) similar (copied) development version of the site seems to work ok on my computer.
2) In fact this is the second time a PW site maintained by me goes down, apparently caused by external "interferences". I suppose I have to review the security issues and the rules of access to files and folders (presently 755/644).
3) Probably there is no point in keeping Tracy in a public site. What is the common procedure?

Wishing you a fine weekend,

Rui VP

Posted

Hi @RuiVP - The listing of adminer-4.8.1-mysql.php indicates that you were running a version of Tracy that was at least two years old. That was an old unmaintained version of Adminer. We now use AdminNeo which is actively maintained. Side note: Adminer is also being maintained again after a very long hiatus, but I prefer the AdminNeo fork (the author and the product).

That said, some shared hosts will always falsely flag tools that can manipulate the DB. They don't take into consideration that the tool is gated and only available to authorized users.

I leave Tracy installed on all sites - in production mode it logs errors and full bluescreen traces as HTML files you can view. It can also email (or notify via Slack) of these errors so you get instant notification of issues.
