Knowledgebase

Portal Home > Knowledgebase > Articles Database > Server Security Sweep


Server Security Sweep




Posted by mobiledynamics, 09-10-2009, 09:02 PM
Can anyone recommend a vendor to do a site sweep to identify where we have loopholes on our site Our site was classified by google as having suspicious activity.
Posted by nomankhn, 09-10-2009, 10:29 PM
Welcome to WHT. Its very common now a days, If your site is showing red malware warning means that means your site is got hacked and you need to scan your site with some good antvirus then check the code related files which shows infected, remove infected portion from files, after that rescan it, after that submit request to google for consideration after that wait for some hours around 10-12, Google will mark your site clean and red warning gone
Posted by Srv24x7, 09-11-2009, 01:19 AM
Even if its not hacked google sometimes shows you that warning that means you need to clean your websites files with some good anti virus software. AVG turned out to be a good one for us.
Posted by WeWatch, 09-11-2009, 04:46 AM
Often times, especially this year, a hacked website isn't the result of some vulnerability in the website at all. It's the result of a virus on a PC with FTP access to the website. The virus steals the FTP login credentials, sends them to a server which then carries out the process of injecting he malscripts into the website. It then monitors the website to see if anyone removes the code. If their hacked code is removed, it tries to re-infect the website again maybe with a different malscript. We've seen forums where these FTP login credentials are bought and sold. So once someone infects a website, they can then sell the FTP credentials so that others can infect the website as well. The hackers do this to make money. They get paid an affiliate commission for every PC they install particular software on. By infecting websites that then infect PCs they get paid. You probably won't find any viruses on the website that Google has blacklisted. However, you will find a virus on a PC with FTP access to the website. What you have to do is use a different anti-virus from what is currently installed. The reason for this is that the virus knows how to evade detection from the currently installed anti-virus program. Many have had good luck with AVG, Avast, Avira or Malwarebytes. If you're already using one of these, use one of the other ones listed. It has to be different than what's currently being used. Scan and clean all PCs with FTP access to the website. Then change all FTP passwords to the website, clean the code, re-upload to the website and then request a review (not a reconsideration) from Google Webmaster Tools. This should get you clean. Post back here with any questions.
Posted by CreativHost, 09-11-2009, 05:15 AM
You could get an Acunetix scan done - alternatively, some DC's provide a free scan too ... if you still can't get someone to run a scan for you, we could schedule a free "informational" scan for you - depending on time constraints.
Posted by david510, 09-11-2009, 06:07 AM
You can use clamscan for complete virus scan. Also check for any inclusion of files or malware into the files on the account.
Posted by WebHostingNeeds, 09-13-2009, 03:48 AM
Create an account at https://safeweb.norton.com/, validate your site, you will get report of threats on your site.


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
HELP! who's the best reseller out there? (Views: 464)
What is the best uploading-script? (Views: 420)
Resellergeeks.com is the worst company (Views: 484)
looking for good web based DNS script to check nameservers (Views: 482)
Kualo Reseller Hosting (Views: 472)

Language: