What is ThreatSign! - Website Anti Malware Monitoring dashboard?
ThreatSign! is a Website Anti-Malware product which detects malicious and suspicious activity on a website helping companies to manage cybersecurity risks efficiently and with no hassle. The ThreatSign! provides real-time website malware monitoring, scanning and instant notifications that allow you to act quickly upon active threat detection. It doesn't require an installation. The setup is quick, simple and straightforward. Once registration is completed, you will be able to access your account via a dashboard. The dashboard is the web UI interface that allows you to perform periodic scans, customize monitoring settings such as report notification, initiate a re-scan request, view scan reports, contact support team, request malware & blacklisting removal and more. It is easy to use, accessible from anywhere, no installation needed. It saves your time, and it does not require specialized knowledge to manage it.
As a website/ blog owner, you obviously care about your reputation and your visitors' safety. Sometimes, taking all precautions in managing users' database, protecting server info, and managing upload directories and in other routine activities still fails to avoid hacking. There are no 100% hacker-proof web resources. In this case, if you don't act fast, the consequences are very unpleasant. To be on the safe side, just add your website or websites to Monitors and get notified each time any signs of suspicious activities are detected. You can always Re-scan your domain at any time from within the dashboard. Avoiding blacklisting and traffic loss with website malware monitoring is essential because it allows you to run your business smoothly, building trust in cyberspace.
You will notice other new fields in your Monitor configuration which are optional but can be useful or even required depending on your system settings.
Username (optional) - sets a username when access to the scanned URL content requires identification Password (optional) - sets a password when access to the scanned URL content requires identification HTTP agent (optional) - sets an HTTP agent when access to the scanned URL is permitted to certain HTTP agents only Crawler type - sets the type of the crawler to use when downloading the URL content:
qrobot - (default) Quttera proprietary Distributed Heuristic Crawler type - It uses Page Rank algorithm for its increased efficiency and quality. The benefit of distributed heuristic web crawler is that it is robust against system crashes and other events. Supported by a majority of the hosting platforms.
wget - Focused Crawler type - downloads the pages that are related to each other. It is also known as a Topic Crawler because of its way of working. The focused crawler determines the following – Relevancy, Way forward. Should be used if your website set on a low spec hardware.
Crawler workers (0-10) - sets the number of the crawlers to use when running on-demand or scheduled scan job SSL version (for HTTPS only) - sets the exact version of SSL algorithm (use only if qrobot fails to auto-detect it) Scan type - sets the malware scan sensitivity level:
Heuristic - detects both known and unknown (Potentially Suspicious and Suspicious severities) threats as well as anomalies and behavioral-based detection. (default)
Normal - detects only the known (Malicious severity) threats
How to add a website to Internal Monitoring (FTP/ SFTP) - Server Side malware scanning?
You can now scan your website for malware and threats internally (Server Side Scanning). Just go to Submit Internal Monitoring (FTP/ SFTP) Setup Request in your ThreatSign user dashboard UI, fill in the form and then click Submit.
You will receive a confirmation notification once the internal scan setup completed successfully.
The default malware scan interval for the internal monitor is 24 hours.
You can access the Internal monitors status on the following views: Dashboard, My Monitors, and Recent Malware Scan Reports.
Create Internal Monitoring (FTP/ SFTP) - Server Side malware scanning for a website
You can set up the Uptime monitoring for your domain to track: HTTP timeouts, IP changes (Configured IP vs Resolved IP), and DNS record modifications. You can access the Uptime monitoring status on the following views: Dashboard and My UpTime Monitors.
Review or Modify the uptime monitoring and DNS/ IP integrity checks
Use toolbar commands to access website DNS/ IP configuration, review uptime statistics or edit the parameters of the monitor.
To turn On/Off the uptime monitoring, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and select the desired value for the Uptime monitoring options menu. The ThreatSign platform will send both the timeout and the back up alerts to the Notification email address. The timeout alert will be triggered based on the value set in HTTP timeout (30-90) secs options menu.
To set the DNS record of the Monitor, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and enter IP address into the Host IP address (to track DNS attacks) input window or accept the automatically detected value.
You can access the Uptime report view for the monitored domain by clicking the Review uptime statistics button next to the corresponding monitor in the My UpTime Monitors view.
You can access the Monitor DNS settings view for the monitored domain by clicking the Review DNS settings button next to the corresponding monitor in the My UpTime Monitors view.
In the Reports menu of your dashboard click Recent ThreatSign! Reports
In the Latest Reports For Monitors section click button next to the desired monitor
In the Control Panel of your dashboard click My Monitors
Click the button next to the desired monitor to view the settings
In the Monitor Parameters page click View Scan Report button
Scan reports archive:
ThreatSign platform will save last 14 scan reports in PDF format for each monitor that you have in your plan. You can access the reports on the Scanning History view at any time by going to Control Panel / My Monitors and clicking the Review the scanning history button next to the corresponding monitor.
How to request malware cleanup and blacklisting removal?
The malware removal process is manual and automated. Every cleanup is handled by a malware analyst whose responsibility is to clean-up all the malicious content from an infected website and make sure there are no leftovers. Once a Website is clean and no malware present, we initiate a blacklist removal. The malware removal process is conducted remotely using FTP/HTTP/SFTP and via SSH if we find that FTP/HTTP/SFTP are not stable enough.
In the Help Center menu of your dashboard click Submit Malware Cleanup Request
Fill in the Malware Cleanup Request form and click Submit button
Also, please add email@example.com email address to your "Google Webmaster Tools", if you are using it.
Malware analyst will be assigned to your case and will work with you until the resolution.