How A Website Security Scanner Helps Lessen Future Cyber Attacks

How A Website Security Scanner Helps Lessen Future Cyber Attacks

As the world entered the era of Web 2.0 around 15 years ago, website development has made a major shift when it comes to creating, maintaining and removing website contents. The used to be the exclusive realm of Javascript and HTML programmers were democratize with Content Management System. The drag and drop and WYSIWYG way of website development are being offered by many web hosting sites for at least a decade now. This enables non-programmers to create great looking websites without the hassle of learning programming languages, especially scripting languages such as Javascript and Cascading Stylesheets.

The lack of programming knowledge and general IT knowledge of many webmasters today, thanks to CMS opens an opportunity for threat actors to take advantage of their very weakness. That is the incapability for them to detect website infiltration. CMS is just another software that makes website management a breeze, but just like other categories of software, they are prone to bugs and exploits. Only a skilled person in scripting and web database like SQL-lite (the most commonly used light database on the Internet) can determine if a malicious file has been inserted to the website, or if the site suddenly features something that wasn’t there previously, like hosting trojan horses.

To help non-programmers keep their websites secure, here in Hackercombat.com, we offer you a Free Web based Malware Scanner. It is an easy to use webportal we provide here in Hackercombat.com in order to scan the domain name of whatever website you wish to scan.

The detailed report will be sent to the user via email, it contains the heuristics scan of the website in question. From there the webmaster will be able to find out if there is an intrusion that occurred in his site, including trojan horse infection and SQL injection attack that happened previously. From a point-of-view of a non-programmer, it is not advisable to rebuild the website from scratch, as the very CMS which he uses for managing the site in itself is infected.

What can be done if the site I managed turned-out to be infected?

This is where the backup mechanism offered by the web hosting service will be tested. Any web hosting company that is worthy to be called a genuine web hosting company with good standing in the industry should offer a backup plan, even at the lowest tier of their hosting service. For a website not hosting a lot of audio files, animation, and images, the entire website should never exceed 200MB in total. Again, we are only talking about the size of the website contents itself, not the size of the CMS software. As the latter can always be uninstalled and reinstalled anytime, providing the webmaster a fresh canvass to start fresh if needed.

With an efficient backup system, the infected website can be ‘reformatted’ and be replaced with a reliable backup copy in a few minutes, not hours, not days. Through the use of CMS plugins, any webmaster can also install a website firewall. It differentiates itself from a local computer firewall, for the fact that through a website firewall, the webmaster can control what traffic is allowed and denied when it comes to accessing the contents of the website.

The bottom line, the only strong weapon of any webmaster is ‘awareness’, as being overconfident with regards to website security is trouble not only for the site administrators but also for the visitors. Lost of confidence is a very difficult problem to solve after a cyber attack happened against a defenseless website.

Julia Sowells883 Posts

Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.

0 Comments

Leave a Comment

Login

Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password
Register