UNPKG

@passmarked/malware

Version:

Rules that check if the page or linked pages on the same domain (or external) contain any unwanted software,malware or reported phishing attacks

github.com/passmarked/malware

passmarked/malware

54 lines (37 loc) 2.86 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
The tested page appears to contain malicious code that could be downloaded to your computer without your consent as reported by either [Safe Browsing](https://developers.google.com/safe-browsing/) or [Phishtank](https://www.phishtank.com/). # How do I fix this ? Common ways to find malicious activity: **Malicious scripts** >Attackers will often inject scripts into the content of your web pages, `<script src="http://www.google-anaiytics.com/urchin,js"></script`, note the spelling. Other files like images and PDF's aren't safe from this attack either. Attackers may also use obfuscation to make it more difficult for antivirus software to detect. **.htaccess redirects** >Many hosting providers use the Apache web server, which uses a hidden server file called .htaccess. Attackers will sometimes modify this file to redirect users to harmful websites. **Hidden iframes** >An iframe is a section of a web page that loads content from another web site or page. Attackers will often use this method to inject malicious iframes into a web page. These iframes will be configured to not show on the web page, but still load it's content. `<iframe src="http://www.youdontseeme.info" width=0 height=0 frameborder=0>` There are a few recommendations before cleaning up your site: * Change all passwords related to your site. * Make sure all the software used is up-to-date. * Use reputable antivirus software to scan your development machine. * Take your site offline to protect your visitors from any malicious activity. Securing your site: * Backup regularly. * Use a file viewer. * Keep all software updated. * Use free/paid website scanning services. * Consider using SSH or SFTP instead of FTP. * Consider using a website monitoring service. * Use secure computers when accessing your site. * Use appropriate file permissions on your web server. * Clean up your site, removing all malicious code/files. * Use caution when deciding which third party scripts and plugins to install. * Remove any scripts, plugins, or other software that you are no longer using. When you have secured/cleaned your site from malicious code, you need to request a review of the affected URL's. There are a few ways to do this: * Requesting a review by [stopbadware](https://www.stopbadware.org/request-review) * Report it to [Google Safe Browsing](https://www.google.com/safebrowsing/report_error/) * Using [Google Webmaster Tools](https://www.google.com/webmasters/tools/home?hl=en), which is the fastest way. # Resources * [Phishtank](https://www.phishtank.com/) * [Common hacks](https://www.stopbadware.org/common-hacks) * [Resources for hacked sites](https://www.stopbadware.org/hacked-sites-resources) * [Preventing malware basics](https://www.stopbadware.org/prevent-badware-basics) * [Google Safe Browsing](https://developers.google.com/safe-browsing/)