View
1
Download
0
Category
Preview:
Citation preview
Malware Monitoring Service Powered by StopTheHacker
StopTheHacker Dashboard User Guide
Technical Resources
2
CONTENTS
Introduction ........................................................................................................................................... 3
Account Activation ................................................................................................................................. 3
How to Log into Your Account ............................................................................................................... 3
Type of Service ....................................................................................................................................... 4
Navigation Tab: Overviews .................................................................................................................... 5
Malware ............................................................................................................................................. 7
Vulnerabilities .................................................................................................................................... 8
Reputation ......................................................................................................................................... 9
Performance .................................................................................................................................... 10
Individual Monitored Domains -‐ Detailed Insights .............................................................................. 11
How to Interpret Reports ..................................................................................................................... 12
Reputation Monitoring .................................................................................................................... 12
Malware ........................................................................................................................................... 13
Vulnerability Assessment ................................................................................................................. 15
Performance .................................................................................................................................... 16
Upgrade Options .................................................................................................................................. 16
Trust Seal ............................................................................................................................................. 17
GlobalSign Knowledge Base ................................................................................................................. 18
Submit a Support Ticket ................................................................................................................... 18
About GlobalSign ................................................................................................................................. 18
3
INTRODUCTION StopTheHacker is GlobalSign’s preferred malware monitoring service provider and through a strategic partnership its range of services are available to GlobalSign SSL Certificate customers. StopTheHacker enables web hosters, website owners, administrators and web designers to detect malware and recover sites from damaging malware attacks. This guide provides an overview and step-‐by-‐step guide on how to use StopTheHacker’s web-‐based dashboard to view, monitor and upgrade your website domains.
ACCOUNT ACTIVATION Once you have purchased a GlobalSign SSL Certificate and it has successfully been issued, your domain will automatically be monitored by StopTheHacker. Within 24-‐48 hours of issuance you will receive an email welcoming you to the service, instructing you on how to activate your StopTheHacker account, prompting you to create a secure password. Please Note: The email address used will be the email address previously specified as the contact email connected with the SSL Certificate order and it will be this email address to which all StopTheHacker emails will be sent.
HOW TO LOG INTO YOUR ACCOUNT Visit https://panel.stopthehacker.com/login in your web browser.
Login Panel
4
Insert your email address and password and click on Login. You will now be directed to your personal dashboard, showing an overview of all your domains under this account. Please Note: If you only have one domain you are brought directly to the specific view for this domain.
TYPE OF SERVICE Depending on the type of SSL Certificate purchased will determine which level of malware monitoring service you will receive and have access to via your dashboard. The service levels per certificate can be seen in the table below. Functionality AlphaSSL DomainSSL OrganizationSSL ExtendedSSL Blacklist and Reputation Scan X X X X Scan of Known Malware X X X Scan of Unknown Malware X X Facebook Protection X Speed Monitoring X Uptime Monitoring X Annual Security Report X Pages Scanned All All All Scan Frequency Weekly Daily Daily Hourly Vulnerability Assessment Automatic Malware Removal
Service Levels Please Note: If your SSL Certificate type does not include a service you would like to receive, upgrade options are available at an additional fee and can be managed directly via the dashboard by logging into your account at https://panel.stopthehacker.com/login. Alternatively you could upgrade your SSL Certificate type via GlobalSign.
5
NAVIGATION TAB: OVERVIEWS At the top of the dashboard you will see the navigation points available within the dashboard. When you login you will automatically start in the “Overviews” area. On the right hand side of the navigation bar you will also see if you have any notifications or important messages. Below the navigation bar, StopTheHacker provides you a link to their introduction video, in case you would rather watch then read. Please Note: This video is based on StopTheHacker direct services and therefore functions may vary slightly.
Navigation Bar In the “Overviews” Section you will see all your domains on the left hand side with a little icon indicating the domains overall status:
The red warning triangle means that something is wrong with your domain. The green shield indicates that everything is fine with you domain. The blue clock icon shows that the scan for this domain is currently in progress.
6
The large section is split into four security areas: Malware, Vulnerabilities, Reputation and Performance. In each area an overview for all monitored domains is provided. (Please refer back to the table on page 4 should you wish to know which services are included with your SSL Certificate).
Dashboard Overview Multiple Domains The pie charts display the safety status of your websites/domains that are registered with StopTheHacker in the four different areas. The legend to the right of the pie charts explain what the different areas of the charts represent.
The list shows all of the individual domains being monitored and where on the chart they are represented. If you have a website that is not being monitored by a particular service (marked in grey) upgrade options are available should you require these additional services.
7
MALWARE
Malware Each non-‐intrusive scan checks all pages of your website for known viruses and web malware threats to see if hackers have injected malicious code into your website. StopTheHacker’s email notification system immediately informs you if any malware is found, so you can take all actions needed.
The pie chart displays the safety status of your websites/domains that are using a GlobalSign SSL Certificate.
The legend to the right of the pie chart explains what the different areas of the chart represent.
-‐ Blue: Domains being scanned for malware for the first time -‐ Green: Domains found to be free of malware -‐ Red: Domains found to have malware -‐ Grey: Domains not being monitored for malware
The list on the far right hand side shows all of the individual domains being monitored and where on the chart they are represented e.g. Safe Domains.
Please Note: StopTheHackers Malware Monitoring Service is not available to AlphaSSL customers and should you wish to benefit from this service you will need to upgrade your SSL Certificate type to a DomainSSL or above. Please contact us directly by emailing sales@globalsign.com.
OrganizationSSL and ExtendedSSL Certificates also include advanced malware monitoring for detecting unknown malware. StopTheHackers artificial intelligence based engine with advanced self-‐adapting capabilities constantly monitor new strains of malware and protects your online business from these emerging threats.
This advanced feature is available for DomainSSL Certificate customers as an upgrade option. You can upgrade by logging into your StopTheHacker account at https://panel.stopthehacker.com/login.
8
VULNERABILITIES
Vulnerabilities The pie chart displays the safety status of your websites/domains for vulnerabilities. Vulnerability scans can prevent web-‐based intrusions and identify server and application security vulnerabilities that bots and hackers can use to attack you. StopTheHacker can check over 35,000 vulnerabilities on your servers, website and infrastructure, checking for web application vulnerabilities in most popular software like WordPress, Drupal, Django, Joomla, Ruby on Rails, OpenCMS and can uncover vulnerabilities in custom installations too.
The legend to the right of the pie chart explains what the different areas of the chart represent.
-‐ Blue: Domains being scanned for vulnerabilities for the first time -‐ Green: Domains found to have no vulnerabilities -‐ Red: Domains found to be vulnerable to attack -‐ Grey: Domains not being monitored for vulnerabilities
The list on the far right hand side shows all of the individual domains being monitored and where on the chart they are represented e.g. Vulnerable Domains and First Scans.
Please Note: Vulnerability assessment scans are not automatically included as standard with your SSL Certificates and malware monitoring service and the feature is available as an additional upgrade option. You can upgrade by logging into your StopTheHacker account at https://panel.stopthehacker.com/login.
9
REPUTATION
Reputation The pie chart displays the safety status of your websites/domains for reputation including blacklist monitoring. Blacklist monitoring is a comprehensive daily check on the status of your website on the Google Safe Browsing List and other search engines including Yahoo, and Bing; malware blacklists like Malware Patrol and Malware URL; DNS Blacklists; phishing blacklists like PhishTank; spam blacklists like SpamCop; and many more. StopTheHacker will automatically notify you via email if your website ends up on a blacklist and will help you to remove your site from the search engine blacklist. The legend to the right of the pie chart explains what the different areas of the chart represent.
-‐ Blue: Domains being scanned for reputation for the first time -‐ Green: Domains that have a good reputation -‐ Red: Domains that have a poor reputation -‐ Grey: Domains not being monitored for reputation
The list on the far right hand side shows all of the individual domains being monitored and where on the chart they are represented e.g. Poor Reputation. Please Note: This service is included as standard with all SSL Certificate types including AlphaSSL, DomainSSL, OrganizationSSL and ExtendedSSL.
10
PERFORMANCE
Performance The pie chart displays the safety status of your websites/domains for performance including up-‐time and speed monitoring. Up-‐time Monitoring gives you an overview of the availability of your website including details on down time; in case the site goes down we will send you an email alert. Speed Monitoring gives you real-‐time information on the page speed and response time of your website using detailed graphs. The legend to the right of the pie chart explains what the different areas of the chart represent.
-‐ Green: Domains being monitored for performance -‐ Grey: Domains not being monitored for performance
The list on the far right hand side shows all of the individual domains being monitored and where on the chart they are represented e.g. Monitored. Please Note: This service is included as standard only with ExtendedSSL Certificates. This advanced feature is available for DomainSSL and OrganizationSSL Certificate customers as an upgrade option. You can upgrade by logging into your StopTheHacker account at https://panel.stopthehacker.com/login. If you have an AlphaSSL Certificate and you wish to benefit from this service, you will need to upgrade your SSL Certificate type to DomainSSL or above. Please contact us directly to do this by emailing sales@globalsign.com.
11
INDIVIDUAL MONITORED DOMAINS -‐ DETAILED INSIGHTS To get detailed information on any individual domain that is being monitored, simply find the domain you want to get the details for on the left side and click on the domain. This brings you to the detailed status overview of the selected domain.
Overviews The detailed domain overview is spilt into the same four areas as the overall “Overviews” section and shows you the detailed status of the selected domain in each area. If an area is greyed out, this means that the specific service is not included as standard with your type of SSL Certificate. To activate these areas for your domain, you can upgrade to a more advanced service at an additional charge, by logging into your StopTheHacker account at https://panel.stopthehacker.com/login. To go into even more details within each area, you can click on the desired topic in the left hand sub-‐navigation, or you can hover over the “Action+” button and click the link that appears.
12
Detailed View The sub-‐navigation for each individual domain can be found on the left side and also includes the topics “Service Settings” (for this specific domain) and the “Trust Seal”. GlobalSign and StopTheHacker recommends that you display the Trust Seal on your website to reassure browsing visitors that your site is malware free. More information about the Trust Seal can be seen on page 17.
HOW TO INTERPRET REPORTS
REPUTATION MONITORING The Reputation section provides information to answer questions such as: How is your website perceived on the Internet? Is your website on any blacklists? Is your SSL Certificate expiring soon? Are any of the search engines blacklisting your website? This area is divided into three sections:
1. Blacklists: This section shows you the results of checking your domain name against various data sources, such as Google malware, Google Phishing, DNS blacklists, Phishing blacklists and much more. An alert red triangle icon lets you know if the particular data source has an unfavorable reputation about your domain. Hover your mouse over the icon to view further information.
2. Ecosystem: This section shows you the results of the reputation information regarding your IP, your hoster or whether your IP is listed in Botnets or not. Hover your mouse over the icon to view further information.
13
3. Web of Trust: This section shows you the results from our data partner Web of Trust. Please
remember Web of Trust is an independent data provider. Hover your mouse over the icon to view further information. To improve your Web of Trust score please visit http://www.mywot.com/.
To get more detail about each source within these sections, please click on the grey question mark next to each source in the right hand corner.
MALWARE The malware report for your domain will display only one of two messages, either green or red. Green messaging will inform you that everything is ok with your site. “There was no malware found on xxxx domain.” Red messaging will inform you that malware has been found. “Malware has been detected on xxxx domain.”
No Malware -‐Website Safe
Malware Detected
14
Hover over the “Action+” button and on “Show More” to see the entire malware code.
Show More You can also click on “View Source” to try and view the malware present in the web page at real time. Please Note: This might not always work as some malware only appears intermittently and hence grabbing the html page when you click on “View Source” might not be able to grab the malware at the specific moment you click on this link.
Source Code View
15
VULNERABILITY ASSESSMENT The vulnerability assessment report is divided into three sections. It starts with a short overview on all found vulnerabilities. These are grouped into three levels: Critical, Important and Informational. The overview shows you how many vulnerabilities in each group where found and if these are server or application vulnerabilities.
Vulnerability Overview The second section is a detailed report on each individual server vulnerability that was found, including a recommendation for each vulnerability on what you should do. The last section deals with the application vulnerabilities found and also contains recommendations on what should be done to fix them.
Application Vulnerabilities
16
PERFORMANCE The performance overview shows you the last 30 days statistics of your site load speed for the selected domain, as well as the last 30 days up time of your domain. You can hover over the graphs to get more detailed information of the site speed, date and more.
Performance Overview
UPGRADE OPTIONS GlobalSign’s Malware Monitoring Service offers a number of upgrade opportunities via StopTheHacker, should you wish to extend the services within your account. Please refer back to page 4 to view the services which are included as standard with your SSL Certificate type. Please Note: There is an additional charge for each of these services on an annual basis and payment will need to be made directly via your StopTheHacker account. You can view manage your options and upgrade directly via logging into your account at https://panel.stopthehacker.com/login.
17
TRUST SEAL Adding the Malware Monitoring Trust Seal to your site is easy. To get the Trust Seal for your individual domain, simply select the domain you want to get the Trust Seal for, from the domain list on the left hand side of your account. Then click on the “Trust Seal” navigation point on the left hand side in the side menu below the selected domain. You can now view and copy the code for the Trust Seal and implement it in your website.
Trust Seal
How to Install
• Copy the HTML from the embed code text box above • Paste the HTML into your web page or template
Why use a trust seal?
• Show your visitors that you care about security • Trust Seals have been shown to increase conversion rates by more than 10%
18
GLOBALSIGN KNOWLEDGE BASE If you require assistance during the ordering or installation process, you can search for help by consulting the GlobalSign Knowledge Base:
https://www.globalsign.com/support/
SUBMIT A SUPPORT TICKET If you cannot find the answer to your question in our Knowledge Base, please submit your question via our Support Ticket Request Form:
https://www.globalsign.com/help/
ABOUT GLOBALSIGN GlobalSign was one of the first Certification Authorities and has been providing digital credentialing services since 1996. It operates multi-‐lingual sales and technical support offices in London, Brussels, Boston, Tokyo and Shanghai. GlobalSign has a rich history of investors, including ING Bank and Vodafone. Now part of a GMO Internet Inc group company -‐ a public company quoted on the prestigious Tokyo Stock Exchange (TSE: 9449) whose shareholders include Yahoo! Japan, Morgan Stanley and Credit Suisse First Boston. As a leader in public trust services, GlobalSign Certificates are trusted by all popular Browsers, Operating Systems, Devices and Applications and include SSL, Code Signing, Adobe CDS Digital IDs, Email & Authentication, Enterprise Digital Solutions, internal PKI & Microsoft Certificate Service root signing. It's trusted root CA Certificates are recognised by all operating systems, all major web browsers, web servers, email clients and Internet applications; as well as all mobile devices. Accredited to the highest standards As a WebTrust accredited public Certificate Authority, our core solutions allow our thousands of enterprise customers to conduct secure online transactions and data submission, and provide tamper-‐proof distributable code as well as being able to bind identities to Digital Certificates for S/MIME email encryption and remote two factor authentication, such as SSL VPNs.
GlobalSign US and Canada Tel: 1-877-775-4562 www.globalsign.com sales-us@globalsign.com
GlobalSign EU Tel: +32 16 89 19 00 www.globalsign.eu sales@globalsign.com
GlobalSign UK Tel: +44 1622 766766 www.globalsign.co.uk sales@globalsign.com
GlobalSign FR Tel: +33 1 82 88 01 24 www.globalsign.fr ventes@globalsign.com
GlobalSign DE Tel: +49 30 8878 9310 www.globalsign.de verkauf@globalsign.com
GlobalSign NL Tel: +31 20 8908021 www.globalsign.nl verkoop@globalsign.com
Recommended