Every SMB should know how to answer the question “does this website have viruses?”. It’s one of the most fundamental parts of website security.
How to check a website for viruses
If you’re asking yourself “does this website have viruses?” there are five key steps you need to take: invest in a website vulnerability scanner; have a robust process for managing file uploads; check your user accounts; check your login and traffic logs; and check your scheduled tasks (cron jobs in WordPress) and server logs.
1. Invest in a website vulnerability scanner
The easiest way to answer the question “does this website have viruses?” is to invest in a website vulnerability scanner. Different website vulnerability scanners will have different options, but you can reasonably expect any decent one to have an anti-malware scanner and usually a firewall for your website applications as well. This is by far the easiest and most efficient way to check for viruses and other malware on your website.
2. Have a robust process for managing file uploads
The safest way to manage file uploads is to turn them off completely. In the real world, however, many companies are likely to be effectively forced to allow them to support key business processes such as managing returns.
If you do decide to allow file uploads then it’s advisable to limit them as much as possible, given the users’ expected level of competency. For example, if your customer base is IT-literate then it might be feasible to ask them to convert all files to .pdf before sending. If, however, they aren’t then you might have to accept JPEGs, probably coming straight from their phone.
There are, however, some file types most companies can just ban completely, .exe being the obvious example, but malicious actors may still try to disguise and send them anyway. For example, they might try to alter the extension to make the file look harmless. This is why you need effective checking. Your website vulnerability scanner may be able to handle this. If not, then you need to invest in an additional tool which can.
It’s also advisable to limit the size of file uploads to make it more difficult to use the file upload system for denial of service attacks.
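As an added illustration (not code from the original article or from any Comodo product), the following Python sketch shows the two upload checks described above: a size cap, and a comparison of the file's leading bytes against the extension it claims. The 5 MiB limit, the allowlist and the sample files are assumptions constructed for the example.

```python
import os

MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed cap; tune to your business process

# Allowed extensions mapped to the leading bytes ("magic numbers") of that format.
ALLOWED_SIGNATURES = {
    ".pdf": (b"%PDF-",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
}

def check_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for one uploaded file."""
    if len(data) > MAX_UPLOAD_BYTES:
        return False, "file too large"
    # basename() discards any directory part a client put in the name.
    name = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(name)[1].lower()
    signatures = ALLOWED_SIGNATURES.get(ext)
    if signatures is None:
        return False, "extension not allowed"
    # The extension is only a claim; the content has to match it.
    if not any(data.startswith(sig) for sig in signatures):
        return False, "content does not match extension"
    return True, "ok"

# Constructed sample uploads (not real files).
SAMPLES = [
    ("receipt.pdf", b"%PDF-1.7\n"),
    ("photo.JPG", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
    ("invoice.pdf", b"MZ\x90\x00" + b"\x00" * 16),  # executable renamed to .pdf
    ("setup.exe", b"MZ\x90\x00"),
    ("huge.jpg", b"\xff\xd8\xff" + b"\x00" * MAX_UPLOAD_BYTES),
]

if __name__ == "__main__":
    for sample_name, sample_data in SAMPLES:
        print(sample_name, check_upload(sample_name, sample_data))
```

A signature check only confirms that the file starts like the format it claims to be; accepted files still need to go through the malware scanner.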
3. Check your user accounts
If you minimize the number of internal users you create and, in particular, the number of admin users you create, then it should be easy to spot any new accounts which shouldn’t be there. At least, it should be if you actually check. Keeping an eye on your list of users is one of the easiest ways to see if there is any reason to be concerned about your website’s security.
In addition to limiting the number of internal user accounts, it’s advisable to have robust processes in place to ensure that they are used appropriately. For example, use two-factor authentication together with strong passwords. Block users after an excessive number of failed-password entries and have users automatically logged out after a certain period of inactivity.
4. Check your login and traffic logs
Keeping track of all users individually is probably going to be too much even for SMBs. Your login and traffic logs, however, can provide aggregate data which is often much easier to use as well as highly informative.
For example, if you see a lot of login attempts from a particular IP address (or range of IP addresses), then it could be a sign that someone is taking an unhealthy interest in your website and that it would be best to block that IP address.
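As an added illustration (not part of the original article), this Python sketch counts failed logins per IP address and per /24 range, so that attempts spread across neighbouring addresses are not missed. The log format, the threshold of 4 and the sample lines are assumptions constructed for the example; the addresses come from the reserved documentation ranges.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines; adapt the regex to your own log format.
SAMPLE_LOG = """\
2024-05-01T02:13:01Z login_failed user=admin ip=203.0.113.7
2024-05-01T02:13:02Z login_failed user=admin ip=203.0.113.7
2024-05-01T02:13:03Z login_failed user=root ip=203.0.113.7
2024-05-01T02:13:04Z login_failed user=admin ip=203.0.113.7
2024-05-01T02:14:10Z login_failed user=admin ip=198.51.100.11
2024-05-01T02:14:11Z login_failed user=admin ip=198.51.100.12
2024-05-01T02:14:12Z login_failed user=admin ip=198.51.100.13
2024-05-01T02:14:13Z login_failed user=admin ip=198.51.100.14
2024-05-01T09:00:00Z login_ok user=alice ip=192.0.2.10
2024-05-01T09:05:00Z login_failed user=alice ip=192.0.2.10
"""

LINE_RE = re.compile(r"login_failed user=\S+ ip=(\S+)")

def failed_login_report(log_text, threshold=4, prefix=24):
    """Return (noisy_ips, noisy_ranges): sources with >= threshold failed logins."""
    per_ip, per_range = Counter(), Counter()
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue  # successful logins and unrelated lines
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # malformed address field
        per_ip[str(ip)] += 1
        if ip.version == 4:
            net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            per_range[str(net)] += 1
    noisy_ips = {ip: n for ip, n in per_ip.items() if n >= threshold}
    noisy_ranges = {net: n for net, n in per_range.items() if n >= threshold}
    return noisy_ips, noisy_ranges

if __name__ == "__main__":
    ips, ranges = failed_login_report(SAMPLE_LOG)
    print("per IP:", ips)
    print("per range:", ranges)
```

In the sample, 198.51.100.0/24 only shows up in the per-range count because each address in it made a single attempt.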
Your traffic logs can often tell you if a website has viruses or other, similar problems. For example, if you see a drop in traffic, then it could be that potential visitors are being diverted somewhere else. It could also be that your site has been registered as potentially compromised and visitors are avoiding it. It could even be that the search engines have blacklisted it completely due to concerns about viruses (or other security issues), hence nobody can find you.
For completeness, if you suffer a malware or hacking attack and clean it up, it’s wise to reach out to your host, the search engines and any blacklisting authorities (e.g. the security companies) to make them aware and ask them to update their records of your site.
5. Check your scheduled tasks (cron jobs in WordPress) and server logs
This is similar to keeping tabs on your users. The fewer scheduled tasks you use, the easier it will be to spot unusual ones. These can be a sign that a hacker is using your server at the times they think you are least likely to notice it.
For the same reason, keep an eye on your server logs, particularly your error messages. These can give indications that a hacker is attempting unauthorized activity on your website.
On the subject of error messages, be careful how much information you give away in them. The best approach is to assign errors a number which can be referenced internally for complete information. Then use the on-screen message to give a visitor the minimum level of information necessary for them to know what to do/expect next.
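As an added illustration (not code from the original article), this Python sketch applies that approach: the full exception detail goes to an internal log under a random reference, and the visitor sees only a short message quoting that reference. The logger name, the response shape and the failing load_order handler are hypothetical, constructed for the example.

```python
import logging
import secrets
import traceback

internal_log = logging.getLogger("site.errors")  # hypothetical logger name

def handle_request(handler, *args):
    """Run a handler; on failure log the detail internally, return a minimal message."""
    try:
        return {"status": 200, "body": handler(*args)}
    except Exception as exc:
        ref = secrets.token_hex(4).upper()  # random, so it reveals nothing itself
        detail = "".join(
            traceback.format_exception(type(exc), exc, exc.__traceback__)
        )
        # Full stack trace and exception text stay on the server side.
        internal_log.error("ref=%s\n%s", ref, detail)
        return {
            "status": 500,
            "ref": ref,
            "body": "Sorry, something went wrong. Please try again later or "
                    f"contact support quoting reference {ref}.",
        }

def load_order(order_id):
    # Constructed failing handler: the exception text contains internal detail.
    raise RuntimeError(f"cannot open /srv/shop/db/orders.sqlite for order {order_id}")

if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    print(handle_request(load_order, 42)["body"])
```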
© 2024 Comodo Security Solutions, Inc