Results 1 to 7 of 7
  1. #1
    Join Date
    Jul 2009
    Posts
    71

    Server Security Sweep

    Can anyone recommend a vendor to do a site sweep to identify where we have loopholes on our site Our site was classified by google as having suspicious activity.

  2. #2
    Join Date
    Sep 2007
    Posts
    368

    *

    Quote Originally Posted by mobiledynamics View Post
    Can anyone recommend a vendor to do a site sweep to identify where we have loopholes on our site Our site was classified by google as having suspicious activity.

    Welcome to WHT.

    Its very common now a days, If your site is showing red malware warning means that means your site is got hacked and you need to scan your site with some good antvirus then check the code related files which shows infected, remove infected portion from files, after that rescan it, after that submit request to google for consideration after that wait for some hours around 10-12, Google will mark your site clean and red warning gone

  3. #3
    Even if its not hacked google sometimes shows you that warning that means you need to clean your websites files with some good anti virus software. AVG turned out to be a good one for us.
    www.24x7servermanagement.com
    Server Management, Server Security, Server Monitoring.
    India's Leading Managed Service Provider !! Skype: techs24x7

  4. #4
    Join Date
    Oct 2008
    Location
    Chicago, IL
    Posts
    190
    Often times, especially this year, a hacked website isn't the result of some vulnerability in the website at all. It's the result of a virus on a PC with FTP access to the website.

    The virus steals the FTP login credentials, sends them to a server which then carries out the process of injecting he malscripts into the website. It then monitors the website to see if anyone removes the code. If their hacked code is removed, it tries to re-infect the website again maybe with a different malscript.

    We've seen forums where these FTP login credentials are bought and sold. So once someone infects a website, they can then sell the FTP credentials so that others can infect the website as well.

    The hackers do this to make money. They get paid an affiliate commission for every PC they install certain software on. By infecting websites that then infect PCs they get paid.

    You probably won't find any viruses on the website that Google has blacklisted. However, you will find a virus on a PC with FTP access to the website.

    What you have to do is use a different anti-virus from what is currently installed. The reason for this is that the virus knows how to evade detection from the currently installed anti-virus program.

    Many have had good luck with AVG, Avast, Avira or Malwarebytes. If you're already using one of these, use one of the other ones listed. It has to be different than what's currently being used.

    Scan and clean all PCs with FTP access to the website. Then change all FTP passwords to the website, clean the code, re-upload to the website and then request a review (not a reconsideration) from Google Webmaster Tools.

    This should get you clean.

    Post back here with any questions.

  5. #5
    You could get an Acunetix scan done - alternatively, some DC's provide a free scan too ... if you still can't get someone to run a scan for you, we could schedule a free "informational" scan for you - depending on time constraints.

  6. #6
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,750
    Quote Originally Posted by mobiledynamics View Post
    Can anyone recommend a vendor to do a site sweep to identify where we have loopholes on our site Our site was classified by google as having suspicious activity.
    You can use clamscan for complete virus scan. Also check for any inclusion of files or malware into the files on the account.
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  7. #7
    Create an account at https://safeweb.norton.com/, validate your site, you will get report of threats on your site.

Similar Threads

  1. paypal auto sweep alternative - daily settlement
    By nightwalker in forum Ecommerce Hosting & Discussion
    Replies: 7
    Last Post: 12-26-2008, 06:13 PM
  2. paypal auto sweep issues
    By nightwalker in forum Ecommerce Hosting & Discussion
    Replies: 10
    Last Post: 12-26-2008, 05:51 PM
  3. Problem with mail after disk sweep
    By Ginny in forum Web Hosting Lounge
    Replies: 0
    Last Post: 04-01-2005, 09:33 AM
  4. Password sweep on my servers.....
    By galacnet in forum Hosting Security and Technology
    Replies: 5
    Last Post: 03-26-2005, 06:59 AM
  5. Feds nab 125 in global cybercrime sweep
    By Tropical Tundra in forum Web Hosting Lounge
    Replies: 2
    Last Post: 11-23-2003, 09:52 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •