In our regular clean up/monitoring plans, we run remote scans every 3-6 hours on sites that are being monitored. These scans are very efficient but they can only check your site remotely.
Since a lot of website attacks come from compromised servers and server level infections, we came up with a Server Side Scanner.
This scan is a free extension to our remote malware/blacklist scan and it runs once per day. It checks your website files, looking for backdoors, phishing and other security issues that our remote scanner could miss.
It also tracks file changes, giving you an audit trail of your website file changes.
Server-Side Scan - Host Server Requirements
-
PHP 4 or higher
-
Writable root directory of the website.
public_htmlor another root directory should have the permissions that would allow the web server user (typicallywww-data:www-dataornobody:nogroup) write to that directory. Please usechownorchmodto set it up. -
HTTP/HTTPS access to your website. If you use a custom firewall configuration, please ensure that we can access your website from our IP addresses (you can get the list of IP addresses from our support).
If you cannot meet this requirements, our external monitoring, will provide good detection of most attacks.
You can enable Server Side Scanning for no extra cost. It is not required, but we recommend all our users to enable it whenever possible.
Enabling is very easy, just follow these steps.
