New Exploit Detection for Shared Servers
Thursday, June 25, 2015Attention customers on our shared web hosting plans,
We are introducing a new tool that performs active scanning of files as they are uploaded to the server and scans all your files daily for known viruses, exploit scripts, malware, bayes probability scanning and more.
Active scanning is performed on all text files:
- Actively scans all modified files within user accounts regardless of how they were uploaded
- PHP upload scripts (via a ModSecurity hook) Perl upload scripts (via a ModSecurity hook)
- CGI upload scripts (via a ModSecurity hook)
- Any other web script type that utilizes the HTML form ENCTYPE multipart/form-data (via a ModSecurity hook)
- Pure-ftpd uploads
The active scanning of files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.
This will greatly increase the security of our shared hosting servers. However we expect to receive some false positives while we fine-tune the system. If you notice any issues please contact our Service Desk. Thank you.