Sucuri Answers Your Malware Questions

In what I think is a great service to anyone who operates a website, the security service Sucuri has started to publish articles containing answers to user-submitted questions. In their latest installment, they answer some general questions such as why anyone would want to hack your site, what they gain by attacking a website, and how to check if your site is infected, which is of course an advertisement for their free site scanner.


Speaking of their scanner, I checked WPTavern the other day and was relieved to see that the site came up clean. I’ve read enough horror stories from people who have had to try and save compromised websites to know that it’s nothing short of a giant pain in the rear to make sure everything is clean.


  1. I think another way to check if the site is infected is if it’s listed in any major DNSBLs. For example, if I ping your site, then take the IP, then check in multiple DNSBLs, it comes out clean. DNSBL stands for DNS-blacklist!


  2. I subscribed last night to try out their service on a malware-hit WordPress site and they cleaned it up in 30 minutes; it would have taken me a lot longer manually! Very impressed, recommended.


  3. I’ve had to clean out quite a few infected sites. They’re a pain in the neck, but it’s really not that hard. The main trick is to (A) know what caused the infection (to prevent it happening again) and (B) have backups.

    Most people will struggle with both of those and so services like Sucuri are ideal.


  4. @kalvin – the only issue with that is if you haven’t been blacklisted. The idea is to catch it before you do, right? :)

    @simon – That’s really awesome. Glad it worked out so well for you. Not always that clean cut, but we do resolve 70% of tickets within 3 hours. :)

    @Ryan – You hit the nail on the head. I would say backups are the most important. While knowing how it happened, it can be a challenge when working with 100’s if not 1,000’s of sites. Easy to do it for a few sites if you own the servers and associated sites. I would say more importantly it’s ensuring you’re practicing good webmaster techniques when managing your server. I would also say that finding all back-doors, whether related to the infection or not, is going to take you a long way. :)

    By far one of the biggest contributors we are seeing are related to this:

    Perfect example was here:
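
The DNSBL lookup suggested in the first comment, sketched as an added example (not code from the post, the commenters or Sucuri). The zone names, function names and the injectable `resolver` parameter are assumptions of this example; the sample answers are constructed.

```python
import ipaddress
import socket

# Assumption: the comment names no DNSBL; these two public zones are this example's choice.
DEFAULT_ZONES = ("zen.spamhaus.org", "bl.spamcop.net")
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
# Spamhaus answers in 127.255.255.0/24 to signal a refused query, not a listing.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")


def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the zone: 192.0.2.10 -> 10.2.0.192.<zone>."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this example handles IPv4 addresses only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """A records for name via the system resolver; [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:  # NXDOMAIN is the normal "not listed" answer; timeouts land here too
        return []


def check_dnsbls(ip, zones=DEFAULT_ZONES, resolver=system_resolver):
    """Return {zone: (status, codes)} with status 'listed', 'clean' or 'error'."""
    results = {}
    for zone in zones:
        answers = [ipaddress.ip_address(a) for a in resolver(dnsbl_query_name(ip, zone))]
        errors = [str(a) for a in answers if a in ERROR_NET]
        codes = [str(a) for a in answers if a in LISTED_NET and a not in ERROR_NET]
        if errors:
            results[zone] = ("error", errors)
        elif codes:
            results[zone] = ("listed", codes)
        else:
            # No answer, or an answer outside 127/8 (e.g. a wildcarding resolver).
            results[zone] = ("clean", [])
    return results


if __name__ == "__main__":
    # Constructed answers so the demo runs offline; 192.0.2.10 is a documentation address.
    fake = {"10.2.0.192.dnsbl.example": ["127.0.0.2"]}
    print(check_dnsbls("192.0.2.10", ("dnsbl.example", "other.example"),
                       lambda name: fake.get(name, [])))
```

A "clean" result only means the address is not listed yet, which is the limitation raised in the reply to @kalvin above.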

