What you Need to know about Malware Scanning & Detection

All legacy Symantec account portals have moved to CertCentral. Log in below if you’ve already activated your CertCentral account. If not, contact our sales or support teams here. They will send you an email with a unique link to access your account. Login

SECURITY TOPICS

Malware Scanning

Malware is short for malicious software and also known as malicious code. Hackers exploit security weaknesses on your server to gain access to your website and install malicious code.

What is Malware & How Do I Prevent Becoming A Target

Malware uses your website to spread viruses, hijack computers, and steal sensitive data such as credit card numbers or other personal information. Malware code is not easily detected and may infect your customers’ computers when they visit your website.

A typical website (even the simplest blog) may have thousands of potential vulnerabilities. By using vulnerability assessment to identify the most critical vulnerabilities for correction, you may reduce the risk of hackers finding your site and attacking it. DigiCert SSL Certificates include daily scans for website malware and automatic weekly scans that look for vulnerabilities that hackers most commonly exploit. (Compare SSL Certificates for details).

Website Vulnerabilities

How Do I Know If My Website is Free of Malware?

Malicious code is hidden in the source code of your website and can be difficult to detect without line-by-line analysis. Some malware is activated by the display of a page and may not be detected without behavioral analysis of your code using a browser simulator. When you protect your website with a DigiCert SSL Certificate, we include a free daily malware scanning service for your public web pages. If malware is detected, you will be directed to a list of infected pages and notified of the code causing the problem. Once you have deleted all instances of the code, you can request that your site be rescanned within 24 hours.

What Does the Service Scan?

The daily website malware scanning service scans the website code located at the hostname used in the SSL certificate, including javascript and iframes. The service completes a static analysis of website code as well as behavioral analysis through a browser simulation to find code that may be activated by display of a page. The service does not scan every web page on your website, but reviews an optimal number of pages to identify malicious activity. It does not scan your network or search for malware on internal desktop computers or scan attachments or internal web pages that require sign-in.

What Happens if Malware is Detected on My Website?

If malware is discovered, you receive an email alert warning you of the malware infection with instructions to access the scan results within your Trust Center account or your DigiCert PKI Platform console. The Website Security Services tab shows a list of infected pages and the code causing the problem. You or your website administrator can find and delete all instances of the malware and request that your site be rescanned within 24 hours.

When Does the Scanning Service Begin?

The website malware scanning service is activated automatically when your business has been authenticated. There is nothing to download or install for you or your customers. If you decide that you do not want your website protected by a daily website malware scan, simply sign in to the Trust Center or DigiCert PKI Platform console to deactivate scanning.

Scanning Occurs by Domain Name

Scanning occurs by host name. You may have many servers, each one secured by a unique SSL certificate and all of them providing content to a single hostname. The scan is of the html pages located at the hostname, not the servers themselves. As long as you have one active SSL certificate with the hostname, malware scanning is activated. If you decide that you do not want your website protected by a daily malware scan, simply sign-in to the Trust Center or DigiCert PKI Platform console to deactivate scanning of the hostname.

Can I Customize the Website Malware Scan?

Malware scanning may be turned on or off by signing in to your DigiCert Trust Center account and clicking the Malware tab or signing into your DigiCert PKI Platform console. Specific pages or sections of your website cannot be targeted.

Does this Replace My Enterprise Scanning Solution?

No. DigiCert's website malware scan is designed to provide additional assurance to business owners and their customers that the site is regularly checked for malicious code. Traditional anti-malware software focuses on the end point: the desktop. Most enterprise scanning solutions are designed to protect employees from downloading or installing malware rather than protecting the company’s website from distributing malware.

What Does Blacklisted Mean?

Because of the potential damage caused by malware, Google, Yahoo, Bing, and other search engines scan and then blacklist or exclude any site found with malware. If your site is blacklisted, it may be blocked entirely or flagged with a security alert to discourage click through. In addition, anti-virus plug-ins to popular browsers can detect malware and block access to infected sites.

How Can I Protect My Site From Malware?

Like most thieves, malware hackers look for easy targets—such as a website where malware will go undetected for as long as possible. Posting the Norton Seal on your website is like posting an alarm security sign in your front window. It shows hackers that your site is scanned daily to detect malware.

Beginner’s Guide to SSL Certificates

SSL/TLS Explained

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.

This guide will de-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.

READ BEGINNER'S GUIDE