SiteLock is proud to present our latest feature in our dashboard, a malware scanner that not only finds the malicious code in your website but can also automatically remove it. This new scanning tool is called SiteLock Malware Automated Removal Tool, or SMART.
The Basics Of SMART
SMART has the ability to use the (S)FTP credentials for your website to connect to your hosting server and scan the files hard-coded in your site for malicious scripts, viruses, and other unwarranted code detected on your site.
At your request, or automatically, SMART can even remove some of the malicious code from your website and send the clean version back into place. With this tool, you can stay protected from hackers who try to break into your website’s information.
In this blog post, we’re going to discuss setting up and configuring SMART. It is essential that the configuration is set appropriately in order for the malware scanner to be able to effectively monitor for malware, and clean it from infections.
Configuring The SMART Malware Scanner
If you are a SiteLock customer with the Professional, Premium or Enterprise package, when you login to your SiteLock dashboard, you will notice a new type of scan in the list. Click to configure your SMART scan details. You will notice a settings tab will display.
Here, the FTP settings are very crucial to SiteLock malware scanners being able to communicate and properly scan your site. Please test the access to your site by using an FTP client, such as FileZilla, before updating the settings on this page to ensure we’re able to connect and access your site.
Method for File Transfers
You can select FTP or SFTP for this option. Change this to SFTP if your hosting company allows SSH/Shell Access, and enable SSH in your hosting account if you want to use SFTP connections. Be sure to specify port 22 later in the port specification.
FTP Host Address
Here, you can enter the address of your website. You can enter your host address (ftp012456.hosting-company.com), your ip address (220.127.116.11), or your website domain (your-website.com). We will use this to access your site.
Here, you can enter the username we will use to access your site. Some hosts require a full email as the username, so be sure to include the full address if necessary.
Automatically Remove Malware
You can elect the option to totally wipe out any hack we find malicious enough that it should be removed. We enumerate a massive list of signatures, exploits, bad code and the like and we use that to identify bad code on the site.
In addition to this list of malicious code we know is bad, we also have other mechanisms that will identify code as suspicious. Should we find any suspicious code, you’ll be notified in the SMART results and see the reasons why the code was flagged as suspicious. Should we encounter malicious code that we can clean up, our malware scanner will remove that code and push the changes live to your site immediately.
If you are concerned about automatic malware removal breaking your site, and would prefer to manually clean the malicious code from your site, feel free to leave this option off.
Select a speed for FTP file Downloads
Your host will have this moderated to however many they think is appropriate. For faster scans, select 3 connections. Typically, only 1 scan is necessary.
This term is synonymous to “document root”, and “web root”. It is the very base of your website without any additional directories. For example: “http://example.com/” is the root of “example.com”.
This is where you specify the root directory to your website. Most hosting companies use `public_html’ as the web root, though some don’t allow you outside the web root at all. If you created the SiteLock FTP account and pointed it to the web root, you can use “/” to indicate the root of your FTP account. Otherwise, enter the path to the web root to the website you wish to scan.
If you are unsure about what directory is your web root, then create a file called `test.txt’ and save it with the contents “This is a test of the home page.” Next, upload the file to your website via the FTP account you created for SiteLock SMART. If you can upload that file and visit directly your website at http://my-website.com/test.txt and you view the contents of “This is a test of the home page.” in your web browser. Then you have “/” as your web root in the SiteLock SMART settings.
If you must change into a sub-directory after logging into your SiteLock SMART FTP account in order to upload the file, then whatever path you used before accessing the file in your web browser is the correct path to place in the SiteLock SMART settings.
For example, if you use your newly created SiteLock SMART FTP account to access your site, and you upload test.txt, without changing directories, then that is the web root: “/”. If you must change directories to something like `/httpdocs/my-website.com/htdocs’ after logging in with your SiteLock SMART FTP account before you can upload your test.txt file and see it in the web root, then `/httpdocs/my-website.com/htdocs’ is the web root you should use for the SiteLock SMART settings.
One final note on this field: If your web host has indicated that your “user home” directory is in something similar to `/home1/user’, then please omit this from your FTP settings as it will cause an error with SMART’s ability to find your document root.
(S)FTP Port Number
If you are in doubt, leave this field blank. Otherwise, you can enter the port number for (S)FTP service, if it’s hosted on a non-standard port. Again, if this is hosted on a standard port, then you can leave this field blank. It will use the default port.
Maximum Download Time
Here, you can select the amount of time you will permit our malware scanner to be downloading files before we stop the download and come back the next day.
You can use this directive to control how frequently scans will take place. Daily is the recommended frequency.
Final Steps In Configuring Your Malware Scanner
Now that SMART has been configured, you can click “Submit” and we’ll attempt to make a connection to your website with the submitted credentials. If the credentials are correct, you will be prompted to scan your site immediately. If not, check the credentials and try again.
Stay tuned for Part 2 of our SMART blog where we will discuss viewing your scan report results.
To get the SMART malware scanner for your own website, visit the website-scanning page or call our team at 855.378.6200.