“This site may harm your computer”
“The website ahead contains malware”
“Malware detected on domainname.com”

Are these some of the errors your shared hosting customers usually complain about? Are you concerned about your server security?

You are not alone. Google alone blacklists 10,000 websites daily for malware infection. In a shared hosting environment containing varied web applications with varying levels of security, malware infection is quite easy to happen. Even just one website with an outdated web application can cause that website to be blacklisted.

Help desk support services from Bobcares has evolved a list of best practices by which such website blacklisting can be minimized even with webmasters not updating their web applications on time. Let’s take a look at the ones that has been proved most effective.

1. Preventing exploits through a web application firewall

Depending on the budget and security standards of the shared host, we install either open source or commercial web application firewalls. One particularly effective solution we have implemented is the mod_security Apache module. Exploit signatures for mod_security is available from a variety of sources, and can even work with an anti-virus software to prevent malware uploads. While we have seen better exploits detection rate through commercial solutions, the open source web application firewalls were good enough to keep shared hosting accounts out of Google website blacklisting.

2. Blocking malware upload through FTP, Control Panel, and Web applications

Malware is often uploaded through stolen/leaked login details of web masters. We prevent this by implementing upload scanners that can work with anti-virus databases. This prevents hackers from inserting malicious code into website files, and uploading them back to the server. Again, depending on the quality of the exploits signature, the rate of detection varies, but the open source signatures give a decent level of protection.

3. Completely isolating individual hosting accounts from each other

In a non-hardened server it is possible to spread malware from an infected account to others. By systematically listing all possible methods by which account switching can be done, and blocking all those possibilities, we have been able to bring such hacks to zero.

4. Hardening web server to block exploit attempts

Web servers like Apache provide a lot of options to harden the server against exploit attempts. We recommend doing periodic audits of web server settings. By applying the latest security patches and following the best security practices, we have been able to deny hackers a chance to execute malware in the servers.
With proper server engineering it is possible to prevent website blacklisting in Google, Bing, Norton Safe Web, McAfee SiteAdvisor, or any such other malware blacklists. If you would like to know how best your servers can be secured against website blacklisting, we would be happy to talk to you.

About the author

Visakh S is a senior software engineer at Bobcares. He has extensive experience in managing technical support teams of web hosting companies and data centers. He has been instrumental in devising security strategies for web hosting companies, and has provided custom security solutions for their unique security challenges.