Ask Sucuri: What should I know when engaging a Web Malware Company?

We work in a business that is always chaotic: web malware cleanup. In most situations the client is distraught, vulnerable, and plagued by the feeling of being out of control. The last thing any website owner wants is to delay the cleanup process because of silly things that could easily have been prevented.

In our mind, there are three things you must know before engaging with any web malware company:

  • Know Your Host
  • Know How to Access Your Server
  • Have a Backup

As simple as they may appear, they still remain elusive to many.

1. Hosting Environment

Where does your website live? Where does it communicate with the internet? The chances are you have paid someone to host the website for you. It is important to know who that is.

Questions to ask yourself include:

  • Who is my website host?
  • How do you contact them when everything seems to be going wrong? (e.g., phone, email, Twitter, Skype, chat, etc.)
  • How responsive are they?
  • How do you access your administrator panel?
  • In the event of malware, what is your host’s stance? Will they help you, or tell you it’s your problem and to deal with it?

If you had a development/design shop set things up for you, be sure that you are the point of contact on the account, especially if you’re paying for it. The last thing you want is to learn you don’t have access to your own website, and your development/design shop is nowhere to be found.

Understand your host’s protocol for malware remediation. It’s not uncommon for them to disable your website if malware is found. This can cause a certain level of distress at the most inopportune time, so be aware of their processes and be proactive.

The key is to engage with a web malware company before you get infected!

Ask if they support SFTP/SSH. This provides a secure connection to your server[s] and is the preferred communication mechanism. If they don’t, ask them why. Any firm or agent hired to clean your site will need some form of access, and secure access is always the preferred method.

2. FTP/SFTP/SSH

File Transfer Protocol (FTP) is the mechanism that allows you to transfer information between two different machines connected to the internet. Know how to set this up on your host. If you don’t know how, use your trusty advisor – Google. Here is a quick and easy search that often works very well:

Google: How to create FTP account with [host name]

Here are links to some of the more common hosts and their protocols for how to create FTP accounts:

Secure FTP (SFTP) is exactly what the name implies: it’s an extension of Secure Shell (SSH), and the difference from FTP is that it provides a secure file transfer capability.

Secure Shell (SSH) provides a secure channel over an insecure network, and is the safest bet in most cases. SSH is also the preferred method of connecting securely to a server when the site is not available or has been disabled by a host.

Not all hosts provide SSH access. If you are on a shared server, the probability of getting it enabled is low, but it is possible.

As a website owner it is likely you’ll use one of these protocols to add/remove/change files on your server. It is important you understand how to manage access to these connection mechanisms. Most of the management for these connection types can be handled through your hosting panel. It is important to minimize access, and to ensure you use secure passwords.

Unless the service provider is managing your credentials, we recommend that you change your passwords after every cleanup and/or engagement in which you share access info.

In the event that you have to work with a remediation firm, ensure you know your login information, and that you have validated your credentials. By validating your credentials ahead of time, you minimize the time it takes to clean up your site, because you won’t have to do so during the remediation process.

3. Website Backups

There are more instances than we would like to admit of website owners that have lost their website or their content due to invasive malware. What makes it more challenging is that those same website owners did not have a backup.

Consider this our plea with you to back up your website and its content.

There are many platforms, and many different backup solutions. Start with your host: do they have a backup feature, or do they recommend a solution? If you pay for sustainment or maintenance services with a development/design firm, ask if it’s part of the package. If none of that works, turn to your trusted advisor again – Google.

Pulling It All Together

We live in an age where we no longer have dedicated webmasters managing and maintaining our websites. As such, it falls on all website owners to understand the basics of website administration. Here at Sucuri, we feel that understanding these three areas will make our client engagements easier, streamlining the cleanup process for all.

Closing With Quick Tips

  1. Know where your website lives;
  2. Know how to access the server your website lives on;
  3. Know how to access a saved version of your website and its content.

If you have any questions, don’t hesitate to send them our way – info@sucuri.net.

About Tony Perez

Tony is the Co-Founder / CEO at Sucuri. He shares a deep passion for Information Security, Business and Brazilian JiuJitsu. He approaches the business the same way he trains BJJ, one move at a time and gently. You can follow him on Twitter: @perezbox.