What is ThreatSign! - Website Anti-Malware dashboard?
ThreatSign! is an all-in-one cloud-based Website Anti-Malware product which detects and blocks malicious and suspicious activity on a website helping companies to manage cybersecurity risks efficiently and with no hassle. The ThreatSign! provides Web Application Firewall (WAF), real-time website malware monitoring, scanning and instant notifications that allow you to act quickly upon active threat detection. It doesn't require an installation. The setup is quick, simple and straightforward. Once registration is completed, you will be able to access your account via a dashboard. The dashboard is the web UI interface that allows you to enable website protection against cyber attacks, setup periodic security scans, customize monitoring settings such as report notification, initiate a re-scan request, view scan reports, contact support team, request malware & blacklisting removal and more. It is easy to use and accessible from anywhere. It saves your time, and it does not require specialized knowledge to manage it.
As a business owner, your website is one of the most critical ways you communicate with your clients and the public at large. With so many cyber attacks recently, your website security and your visitors' safety are top priorities. Sometimes, taking all precautions in managing users' database, protecting server info, and managing upload directories and in other routine activities still fails to avoid hacking. That's why businesses from over 32 countries choose ThreatSign! as their Security as a Service (SECaaS) provider to protect their websites from cybercriminals and online threats. There are no 100% hacker-proof web resources. In this case, if you don't act fast, the consequences are very unpleasant. Monitor your websites for malware with our client-side and server-side malware scanners, enable Website Application Firewall to block malignant requests to your site, regularly check blacklisting status and DNS/IP records of your domain in the emailed reports and in your user dashboard UI. These and other vital defenses provided by ThreatSign! ensures your team gets notified promptly each time any signs of suspicious activities are detected. Our team of top information security experts is at your service whenever you need help. Avoiding blacklisting and traffic loss with website anti-malware platform is essential because it allows you to run your business smoothly, building trust in cyberspace.
You will notice other new fields in your Monitor configuration which are optional but can be useful or even required depending on your system settings.
Username (optional) - sets a username when access to the scanned URL content requires identification Password (optional) - sets a password when access to the scanned URL content requires identification HTTP agent (optional) - sets an HTTP agent when access to the scanned URL is permitted to certain HTTP agents only Crawler type - sets the type of the crawler to use when downloading the URL content:
qrobot - (default) Quttera proprietary Distributed Heuristic Crawler type - It uses Page Rank algorithm for its increased efficiency and quality. The benefit of distributed heuristic web crawler is that it is robust against system crashes and other events. Supported by a majority of the hosting platforms.
wget - Focused Crawler type - downloads the pages that are related to each other. It is also known as a Topic Crawler because of its way of working. The focused crawler determines the following – Relevancy, Way forward. Should be used if your website set on a low spec hardware.
Crawler workers (0-10) - sets the number of the crawlers to use when running on-demand or scheduled scan job SSL version (for HTTPS only) - sets the exact version of SSL algorithm (use only if qrobot fails to auto-detect it) Scan type - sets the malware scan sensitivity level:
Heuristic - detects both known and unknown (Potentially Suspicious and Suspicious severities) threats as well as anomalies and behavioral-based detection. (default)
Normal - detects only the known (Malicious severity) threats
How to add a website to Internal Monitoring (FTP/ SFTP) - Server Side malware scanning?
You can now scan your website for malware and threats internally (Server Side Scanning). Just go to Submit Internal Monitoring (FTP/ SFTP) Setup Request in your ThreatSign user dashboard UI, fill in the form and then click Submit.
You will receive a confirmation notification once the internal scan setup completed successfully.
The default malware scan interval for the internal monitor is 24 hours.
You can access the Internal monitors status on the following views: Dashboard, My Monitors, and Recent Malware Scan Reports.
Create Internal Monitoring (FTP/ SFTP) - Server Side malware scanning for a website
You can set up the Uptime monitoring for your domain to track: HTTP timeouts, IP changes (Configured IP vs Resolved IP), and DNS record modifications. You can access the Uptime monitoring status on the following views: Dashboard and My UpTime Monitors.
Review or Modify the uptime monitoring and DNS/ IP integrity checks
Use toolbar commands to access website DNS/ IP configuration, review uptime statistics or edit the parameters of the monitor.
To turn On/Off the uptime monitoring, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and select the desired value for the Uptime monitoring options menu. The ThreatSign platform will send both the timeout and the back up alerts to the Notification email address. The timeout alert will be triggered based on the value set in HTTP timeout (30-90) secs options menu.
To set the DNS record of the Monitor, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and enter IP address into the Host IP address (to track DNS attacks) input window or accept the automatically detected value.
You can access the Uptime report view for the monitored domain by clicking the Review uptime statistics button next to the corresponding monitor in the My UpTime Monitors view.
You can access the Monitor DNS settings view for the monitored domain by clicking the Review DNS settings button next to the corresponding monitor in the My UpTime Monitors view.
In the Reports menu of your dashboard click Recent ThreatSign! Reports
In the Latest Reports For Monitors section click button next to the desired monitor
In the Control Panel of your dashboard click My Monitors
Click the button next to the desired monitor to view the settings
In the Monitoring Parameters page click Scan Report button
Scan reports archive:
ThreatSign platform will save last 14 scan reports in PDF format for each monitor that you have in your plan. You can access the reports on the Scanning History view at any time by going to Control Panel / My Monitors and clicking the Review the scanning history button next to the corresponding monitor.
To complete the deployment process and configure the website protection please contact our support team. You can contact the support directly from your dashboard UI. Alternatively, you can email email@example.com or open a ticket at quttera helpdesk
Note: Current version of the WAF supports any web server running PHP. We plan to support other environments in later releases.
How to request malware cleanup and blacklisting removal?
The malware removal process is manual and automated. Every cleanup is handled by a malware analyst whose responsibility is to clean-up all the malicious content from an infected website and make sure there are no leftovers. Once a Website is clean and no malware present, we initiate a blacklist removal. The malware removal process is conducted remotely using FTP/HTTP/SFTP and via SSH if we find that FTP/HTTP/SFTP are not stable enough.
In the Help Center menu of your dashboard click Submit Malware Cleanup Request
Fill in the Malware Cleanup Request form and click Submit button
Also, please add firstname.lastname@example.org email address to your "Google Webmaster Tools", if you are using it.
Malware analyst will be assigned to your case and will work with you until the resolution.
A credit card skimmer inserts a request for credit card information and sends the response to the attacker's site. Recently we found another variant on the same trick, using the Google Analytics Pro plugin.