Do you even know if your website has been compromised with a hidden backdoor which allows hackers to gain control? Do you even know if your website harbors malicious code which could potentially infect anyone visiting your website? According to this article, the US leads in malware hosting.
Through the years managing a web server or website I have had my share of being a victim of break-in attempts. One of my user accounts got compromised due to a weak password, which was then exploited to send thousands of spam emails through the server. Consequently my server's IP address got blacklisted as a spammer, causing legitimate emails to be rejected by ISPs. Another experience I had involved an account owner's website being compromised, which allowed hackers to embed malicious code designed to infect anyone visiting the website. The unknowing website visitor was sent to the user's infected website from a link within a phishing email. Since then I have had a scheduled malware scanner scan all the websites hosted. This tutorial covers how to install a malware detector called Maldetect.
So, to answer the question: how secure is your web server or website? If you're a Linux user you could install the web scanner called Nikto to find out if there are any vulnerabilities which could be used to exploit your website. Once installed, it can be run on the command line as follows.
Install nikto.

    apt-get install nikto

Update the database first. This downloads known software vulnerabilities.

    nikto -update

Before you run it against your website you may want to inform your hosting provider, because they might block your IP address. Then run it against your website. Be patient, this could take a long time.

    nikto -h yourwebsite.com
How secure is your web server or website?
If you're not comfortable using the command line, you could use a free online alternative from Scanmyserver.com.
To start off I only needed to put in the URL of my website to scan. Then click scan.
It then required me to put in my email address.
Then it asked me to confirm my email and domain by clicking last step.
It gave me three options to prove I am the owner of the website about to be scanned. I picked the "view file" option. It gives me a file to download called fd0dfc.html. I uploaded this file using an FTP client program into the root directory of my website, which is inside a folder called /public_html. Most hosting companies will refer to this directory as your root folder. With the file uploaded, click on the link to verify that you are able to view the file before clicking confirm now.
When confirmation is done, the message shows the IP addresses where the security scan will come from. If you have any security monitors installed on the server, this would be a good time to add these three IP addresses to your allowed hosts list. If you do not run your own web server you may want to inform your hosting provider. The scan is a low-impact scan so as not to stress the server being scanned.
After signing in to Scanmyserver.com using the information you received via email from Scanmyserver.com, you are able to see the results of the security scan. The higher the score the better. A low score indicates a website is highly vulnerable to an attack. My first scan resulted in one medium vulnerability, but it conveniently provided a link for more information specific to each vulnerability discovered. It even had information on how to fix the vulnerability.
In my case all I had to do was to set the value of (expose_php) to off in php.ini.
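A local check for this fix, as an added example that is not part of the original article: expose_php is the setting that makes PHP send the X-Powered-By header, so the script reads the effective value from php.ini text and looks for that header in a response. The function names and all sample input (including the version number) are constructed for illustration.

```shell
# Added example (not from the original article). All sample input is constructed.

# Print "on" or "off": the effective expose_php setting in php.ini text on stdin.
# PHP's built-in default is On, so a file with no active directive reports "on".
effective_expose_php() {
    awk '
        BEGIN { state = "on" }
        /^[ \t]*;/ { next }                      # whole-line comment
        {
            line = tolower($0)
            sub(/;.*$/, "", line)                # trailing comment
            if (line ~ /^[ \t]*expose_php[ \t]*=/) {
                sub(/^[^=]*=[ \t]*/, "", line)   # keep only the value
                gsub(/[ \t"\r]/, "", line)
                # Unrecognised values are reported as "on" so they get reviewed.
                state = (line ~ /^(off|0|false|no|none)?$/) ? "off" : "on"
            }
        }
        END { print state }                      # the last directive wins
    '
}

# Print the header lines on stdin that disclose PHP (the X-Powered-By header
# that expose_php = On adds). Exit status 0 if any was found, 1 if none.
php_disclosure_headers() {
    tr -d '\r' | awk '
        body { next }                            # ignore everything after the headers
        /^$/ { body = 1; next }
        tolower($0) ~ /^x-powered-by:[ \t]*php/ { print; found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

SAMPLE_INI=';expose_php = Off
expose_php = On
expose_php = Off ; changed after the scan finding'

HEADERS_BEFORE='HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/7.4.33
Content-Type: text/html

X-Powered-By: PHP (body text, ignored)'

HEADERS_AFTER='HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html'
# Against a live site: curl -sI http://yourwebsite.com | php_disclosure_headers
```

A php.ini that only contains the commented-out line still reports "on", which is why the directive has to be set explicitly and the web server reloaded before rescanning.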
After making the correction the next scan comes up with a higher score. There are six low vulnerabilities discovered which according to Beyondsecurity.com is OK to ignore.
As you can see from the results of the scan, it does have an extensive security test. These are the growing lists of exploits the scanner looks for when scanning my website.
The scan settings page is where you launch a new scan after making corrections to fix the vulnerabilities discovered. In addition to the URLs the scanner provided, you could also add more URLs to scan for vulnerabilities.
There is even an option to scan back-end pages.
From the "my account" menu you have the option to schedule an automated vulnerability scan for your website, which will then email you the result weekly or monthly. What better way to stay on top of your website's security than to just rely on your daily intrusion alerts? With this free security scanner you are able to stay on top of any newly discovered vulnerability, hopefully before the bad guys are able to exploit it!
To give website visitors assurance that they are visiting a secure site free of malicious code, Scanmyserver.com provides the option to embed a seal into your website. If for some reason a high or medium vulnerability gets discovered on the next scan, any site visitor clicking on the posted seal will obviously not be shown the newly discovered vulnerability. Scanmyserver.com is smart enough not to disclose information which could lead to a potential security breach. Only the site owner will receive an email notification.
If you're serious about your server's or website's security, go test it now before you become a victim. With these free, easy-to-use vulnerability scanners there is absolutely no excuse not to! Or you can just cross your fingers and hope no one will hack your website.