ThreatSign! is a Website Anti-Malware product which detects malicious and suspicious activity on a website helping companies to manage cybersecurity risks efficiently and with no hassle. The ThreatSign! provides real-time website malware monitoring, scanning and instant notifications that allow you to act quickly upon active threat detection. It doesn't require an installation. The setup is quick, simple and straightforward. Once registration is completed, you will be able to access your account via a dashboard. The dashboard is the web UI interface that allows you to perform periodic scans, customize monitoring settings such as report notification, initiate a re-scan request, view scan reports, contact support team, request malware & blacklisting removal and more. It is easy to use, accessible from anywhere, no installation needed. It saves your time, and it does not require specialized knowledge to manage it.

As a website/ blog owner, you obviously care about your reputation and your visitors' safety. Sometimes, taking all precautions in managing users' database, protecting server info, and managing upload directories and in other routine activities still fails to avoid hacking. There are no 100% hacker-proof web resources. In this case, if you don't act fast, the consequences are very unpleasant. To be on the safe side, just add your website or websites to Monitors and get notified each time any signs of suspicious activities are detected. You can always Re-scan your domain at any time from within the dashboard. Avoiding blacklisting and traffic loss with website malware monitoring is essential because it allows you to run your business smoothly, building trust in cyberspace.

Top

It is very simple. The rule is: Monitor == domain to scan.

Please follow these steps to add the new domain to monitor:

  1. In the Control Panel of your dashboard click Add Monitor
  2. Fill in the form and then click Create button. Make sure you get confirmation with a link to monitor details.
  3. Activate the monitor

An activated monitor will enter the scan queue automatically.

  • Adding website to malware monitoring - external scanning

    Create External Monitoring (HTTP/ HTTPS) - Client Side malware scanning for a website

    Fill in the form and click Create button

Top

You will notice other new fields in your Monitor configuration which are optional but can be useful or even required depending on your system settings.

Username (optional) - sets a username when access to the scanned URL content requires identification
Password (optional) - sets a password when access to the scanned URL content requires identification
HTTP agent (optional) - sets an HTTP agent when access to the scanned URL is permitted to certain HTTP agents only
Crawler type - sets the type of the crawler to use when downloading the URL content:

  • qrobot - (default) Quttera proprietary Distributed Heuristic Crawler type - It uses Page Rank algorithm for its increased efficiency and quality. The benefit of distributed heuristic web crawler is that it is robust against system crashes and other events. Supported by a majority of the hosting platforms.
  • wget - Focused Crawler type - downloads the pages that are related to each other. It is also known as a Topic Crawler because of its way of working. The focused crawler determines the following – Relevancy, Way forward. Should be used if your website set on a low spec hardware.
Crawler workers (0-10) - sets the number of the crawlers to use when running on-demand or scheduled scan job
SSL version (for HTTPS only) - sets the exact version of SSL algorithm (use only if qrobot fails to auto-detect it)
Scan type - sets the malware scan sensitivity level:
  • Heuristic - detects both known and unknown (Potentially Suspicious and Suspicious severities) threats as well as anomalies and behavioral-based detection. (default)
  • Normal - detects only the known (Malicious severity) threats

Top

You can now scan your website for malware and threats internally (Server Side Scanning). Just go to Submit Internal Monitoring (FTP/ SFTP) Setup Request in your ThreatSign user dashboard UI, fill in the form and then click Submit.

You will receive a confirmation notification once the internal scan setup completed successfully.

The default malware scan interval for the internal monitor is 24 hours.

You can access the Internal monitors status on the following views: Dashboard, My Monitors, and Recent Malware Scan Reports.

  • Adding website to malware monitoring - external scanning - server side FTP/ sFTP scanning

    Create Internal Monitoring (FTP/ SFTP) - Server Side malware scanning for a website

    Fill in the form and click Submit button

Top

You can set up the Uptime monitoring for your domain to track: HTTP timeouts, IP changes (Configured IP vs Resolved IP), and DNS record modifications. You can access the Uptime monitoring status on the following views: Dashboard and My UpTime Monitors.

  • Uptime & DNS/ IP security monitoring

    Review or Modify the uptime monitoring and DNS/ IP integrity checks

    Use toolbar commands to access website DNS/ IP configuration, review uptime statistics or edit the parameters of the monitor.

Settings:

  • To turn On/Off the uptime monitoring, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and select the desired value for the Uptime monitoring options menu. The ThreatSign platform will send both the timeout and the back up alerts to the Notification email address. The timeout alert will be triggered based on the value set in HTTP timeout (30-90) secs options menu.
  • To set the DNS record of the Monitor, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and enter IP address into the Host IP address (to track DNS attacks) input window or accept the automatically detected value.

Reporting:

  • You can access the Uptime report view for the monitored domain by clicking the Review uptime statistics button next to the corresponding monitor in the My UpTime Monitors view.
  • You can access the Monitor DNS settings view for the monitored domain by clicking the Review DNS settings button next to the corresponding monitor in the My UpTime Monitors view.

Top

In order to stop malware monitoring for a website, you can:

  1. Delete the monitor (removes the domain from the system)
  2. De-activate the monitor (suspends the periodic scan)

Please follow these steps to delete monitor:

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitor Parameters page click Delete button to get the Delete Monitor confirmation page
  4. Click Confirm button to proceed with the deletion
  • Managing website malware monitoring

    My Monitors section

    Quick access toolbar allows to Configure, Suspend(deactivate monitoring) and Resume(activate monitoring)

  • Configuring malware monitoring for website

    Monitor Parameters

    Review and edit configuration of the monitor

Please follow these steps to de-activate monitor:

Option A

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitor Parameters page click Suspend button to get the Monitor suspension status confirmation page

Option B

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to suspend its periodic scan jobs

Top

Instead of adding monitors one by one, as described above, you can create a text file with domain names and upload to your ThreatSign! user dashboard UI.

Please follow these steps to add multiple domains to malware monitoring:

  1. In the Control Panel of your dashboard click Add Multiple Monitors
  2. Select a file with the domain names (one name per row)
  3. Fill in the form and press Create button. Make sure you get confirmation with list of all websites and created monitors.
  • Adding multiple websites to malware monitoring

    Create malware monitoring for multiple websites

    Fill in the form, upload the file with domain names and press Create button

Top

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitor Parameters page click Edit Configuration button to access monitor parameters
  4. Select the desired value in the Periodic scan interval(in hours) options menu and click Save

Top

You can configure the cases in which you would like to receive HTML/PDF malware scan report. These can be Every Scan, Only If Malware Detected or Never.

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitor Parameters page click Edit Configuration button to access monitor parameters
  4. Select the desired value in the Notification policy options menu and click Save

The additional recipient of the website malware scan reports can be defined in Notification email field.

Top

URLs added to the Whitelist are assigned Clean status automatically and will not be scanned.

To add URL to the Whitelist:

  1. In the Control Panel of your dashboard click Add URL to Whitelist
  2. In the Whitelist a URL section enter the URL name in the input panel and click Whitelist

To remove files from Whitelist:

  1. In the Control Panel of your dashboard click My Whitelist
  2. In the User Whitelist section find the desired URL and click remove

Which files to add to Whitelist?

If you are not sure whether or not a specific file/URL can be added to the whitelist, just submit malware cleanup request and our team will check it out for you.

Top

Option A

  1. In the Reports menu of your dashboard click Recent ThreatSign! Reports
  2. In the Latest Reports For Monitors section click button next to the desired monitor

Option B

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitor Parameters page click View Scan Report button

Scan reports archive:
ThreatSign platform will save last 14 scan reports in PDF format for each monitor that you have in your plan. You can access the reports on the Scanning History view at any time by going to Control Panel / My Monitors and clicking the Review the scanning history button next to the corresponding monitor.

Top

You can choose between standard and small size(s) of the seal to best fit your site. Note that the certificate is available for the Clean monitors only.

  1. In the Scan Report scroll down to the Anti-Malware Scan Certificate section
  2. Select the desired size of the seal image and copy code to the clipboard
  3. Paste the code on your website page and refresh the browser view to ensure the proper display

Top

The malware removal process is manual and automated. Every cleanup is handled by a malware analyst whose responsibility is to clean-up all the malicious content from an infected website and make sure there are no leftovers. Once a Website is clean and no malware present, we initiate a blacklist removal. The malware removal process is conducted remotely using FTP/HTTP/SFTP and via SSH if we find that FTP/HTTP/SFTP are not stable enough.

  1. In the Help Center menu of your dashboard click Submit Malware Cleanup Request
  2. Fill in the Malware Cleanup Request form and click Submit button

Also, please add support@quttera.com email address to your "Google Webmaster Tools", if you are using it.

Malware analyst will be assigned to your case and will work with you until the resolution.

Top

This information is unique per account owner. Please open a ticket in quttera helpdesk.

Top

  1. In the My Account drop-down menu select Reset password
  2. Enter a new password in New password and Confirm password input panels and click the Reset button

Top

  1. In the Help Center menu of your dashboard click Submit Support Ticket
  2. Type in your request and click Submit Ticket button

Top

To upgrade your ThreatSign! account please send email to support@quttera.com or open a ticket in quttera helpdesk

Top

To completely delete your ThreatSign! account please send email to support@quttera.com or open a ticket in quttera helpdesk

Top


Annual Website Malware Report 2016 | Quttera

Blog: Legitimate Code Wrappers & Malware

Incident response insights: Backdoor malware wrapped using the legitimate online obfuscator to bypass the security monitoring.

READ MORE

Annual Website Malware Report 2016 | Quttera

Blog: Vulnerable WordPress Newspaper Theme

Clean up the 'WordPress NewsPaper theme malware' and protect your website from the similar attacks.

READ MORE

Annual Website Malware Report 2016 | Quttera

Blog: Hardening WordPress Website

What are the 6 best practices you could implement Today to protect your WordPress website from hackers?

READ MORE


  • Connect With Us
  • Facebook
  • Twitter
  • YouTube
  • LinkedIn

© 2018 Quttera Ltd. All rights reserved.