My malicious web site

You have a legitimate business, heavily relying on a website. And out of the blue that website becomes blacklisted in major browsers. Quick look at the reason reveals that your Chrome, Firefox or Internet Explorer thinks that this site is installing malicious software.

But it is your site, and you know you did not put anything like that there !

Sometimes that is exactly how it works. Web sites are rather complicated entities, and there may be many points of entry that attackers can get in. For example it may be possible to upload or add malicious content into web code or into an image file. Cross site scripting and code injection are quite popular methods as well.

It is up to you to look through your code, and up to your hosting provider to check server security and permissions. But first we need to find out if it is indeed our site compromised, or is it false report.

Luckily, there are few tools available to help with that job.

For starters, online web content scanners like :

  • Norton Safe Web, from Symantec
  • AVG Online Web Page Scanner
  • Sucuri Security Scanner
  • Unmask Parasites
  • BrightCloud

After that we can check the reputation of the site :

  • McAfee SiteAdvisor Software
  • Google Safe Browsing diagnostics
  • WOT Web of Trust
  • TrustedSource
  • Trend Micro Site Safety Center

From there we could take it on a higher level and try few vulnerability scanning tools :

  • Nikto
  • Wikto
  • Web Site Security Audit

A much extended list with links is available here :

This entry was posted in Managed Hosting. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>