If you receive a security notice or (and) your account has been suspended
Our Netcom servers, scan file uploads in real-time, alongside regular server-side scanning procedures. If we detect Malware attacks on your account, you may get automatically suspended.
Reasons for Suspension
We have implemented this suspension for the following reasons:
– To protect further problems to your website, if allowed more time, hackers can do significant damage to a website and they can install hard to detect backdoors
– To protect against SEO rankings due to SEO poisoning attacks, also to stop Google and other search engines putting your website on a Blacklist.
– To protect your email from unauthorised access. Once a website is hacked, they may be able to gain access to your emails.
– To protect our servers against abuse as part of botnet (remotely controlled cyber missile).
Here’s how to read the reports
The security notice will indicate a list of issues or as an attachment if the list of a certain size.
((( Screen Shot )))
Above are 3 examples.
Legacy Script: The software checks a wide range of web apps for updates that are available, a useful reminder that your software needs updating to reduce the risk of your website being compromised. The files listed are NOT MALWARE – they are scripts that ideally need updating. If you did not develop your website, you should seek to advise and assistance from a web developer before proceeding with any updates. We offer this a service should you need any help. Be sure to do a full website backup of files and database so you can revert back to a working copy if needs be.
WARNING: Issues that have been found that should be investigated, but often are false positives. The software at this stage is not confident enough to suspend the account but detects fragments that are commonly used in Malware. Please note: You should check these files!
CRITICAL: This is noted as a Virus / Malware and we will take immediate action. This is based on these rules:
Non-Script files such as image files. Often hackers will hide malware inside the image code which in-turn makes it easier to upload as some websites don’t check to see if an image is valid before accepting them. CHMOD 000 to prevent public access.
Scripts such as php, perl etc. can be accessed by the general public and can allow control over your website. This is detrimental as yours and customer data can be accessed by hackers. The directory infected file is CHMOD 000 which prevents public access.
What can you do?
If you are a developer or engineer, you can use this list to check off files in your home directory. Sometimes unavoidably, false positives can happen.
If your account gets suspended please send an email to email@example.com and we can advise where necessary.
Should you not understand the security issues or the scripting language your website is built on or if you had someone else develop this for you then we would advise on seeking their advice. We can work with anyone that you authorise to get your website back up and running. Again, please email us and CC in their email address to firstname.lastname@example.org