Premium Support for you

Please visit the following page: http://www.phishtank.com/contact.php and follow the instructions for reporting an incorrect phishing page.

Please send an email to abuse@clean-mx.de with detailes of what you have done to take care of any malware/spam issues.

Please follow the instructions here: http://www.malware.com.br/contrib.shtml#submit

Please follow the instructions here: http://www.surbl.org/faqs#whitelist

Please read the following page: http://www.dnsbl.info/blacklist-removal.php – you will need to put in your IP address at the top of the page to see why DNSBL is blacklisting your IP. You can find your website’s ip address by following the instructions here: http://www.wikihow.com/Find-a-Website’s-IP-Address . Once you put in your IP at DNSBL – you will be able to see the specific blacklist that is marking your domain/IP as unsafe – you will then need to visit the page of the blacklist by searching for it in a search engine like Google and request a removal from the specific blacklist. Please contact support@stopthehacker.com if you have any issues.

Please follow the instructions here : http://safeweb.norton.com/help/site_owners#getting_started to get started with creating an account at Norton and request a removal from the blacklist.

To get off SpamCop’s blacklist – please ensure that your site is clean and then contact our friends who do a good job of keeping spam off the Internet via http://www.spamcop.net/fom-serve/cache/91.html

The Reputation monitoring area defines what does someone sees when they access your website – the reputation area is StopTheHacker’s internal check for spam.

Please send an email to joewein@pobox.com asking to be let off the Joe Wein blacklist.

To request a removal from Bing’s blacklist (which is often fraught with false positives) please use the information below:

To request a removal from Bing and Yahoo’s lists you can go here: https://support.discoverbing.com/eform.aspx?productKey=bingcontentremoval&ct=eformts&scrx=1&st=1&wfxredirect=1
Select “My Site Has a Malware Warning” and then select the appropriate option and continue.

To request a review for removal of your website off McAfee’s Blacklist, please visit http://www.siteadvisor.com/userfeedback.html , fill in the appropriate values and click the “Send Your Feedback” button.

It will usually take 5-7 working days to get your site off this blacklist.

To request a review of your site at Google, here are the instructions:
====
- Log into Google Webmaster Tools (www.google.com/webmasters/)
- Click on your site name (e.g. www.yoursite.com)
- Click on Health in the left hand navigation
- Click on Malware

If your site is not already registered with Google, you will first have to register it by following the instructions below –
You will then be giving the choice to verify your website. You can verify your website using the standard Google method or ALTERNATIVE methods. The standard method requires inserting some code into your website that Google provides. However, if you have no knowledge of how to insert code, Google provides an Alternative tab and if you click there you will find a few simple methods to verify your website that require NO knowledge of the inner workings of your website. Select which verification method you want to use and then click the “Verify” button. After you are verified which takes a few seconds, you can proceed.

- Click on Request a Review
====

The scan frequency set for business package is ‘Every hour’ whereas scan frequency is ‘continuous’ for enterprise package. You can find more details by navigating to the URL http://www.stopthehacker.com/packages. Malware scans run according to the frequencies as mentioned. Vulnerability assessment scans is provided as the very first report of the service – and then the service provides regular malware reports. To order more vulnerability scans – on demand – (there is no real limit) just send an email to support@stopthehacker.com with your account username and your website name and our team will provision a fresh vulnerability assessment for your site.

Our standard procedure for cleaning up website is

i) Initiate a malware scan on the website files.
ii) Pull out a list of infected files from the malware scan result.
iii) Remove the malicious codes from the infected files.

So the time taken to clean-up website will mainly depends on factor (i) and (iii). For auto cleanup it can take anywhere between 5 mins to 10 hours depending on the size of your site (a couple of MB versus Gigabytes of files)

Request a review of the website after ensuring the website is clean. If the website is clean, Google will take off the domain from blacklist within 2 to 24 hours. This depends on how many requests are currently queued up at Google for review, the size of your site and a few more factors.

You can visit: https://panel.stopthehacker.com/login/forgot to reset your password. Put in your account login (email) and reset your password – please check your email for the confirmation code and you will be able to set up the new password by following the instructions.

You can contact us by sending mails to support@stopthehacker.com (SMB and enterprise clients) or by calling on this number: 1-888-784-2257 (only enterprise clients).

There is no “Scan Now” functionality available inside the user dashboard. But, please feel free to drop us a line and we will be happy to run a scan anytime for you. Please send an email to support@stopthehacker.com .

If StopTheHacker’s scanner probes your website and your website does not respond back to the request made for a page within 10 seconds, then the value in the speed monitoring/load time graph shows up as -1. This does not mean your website was not available or was down, it simply means it took more than 10 seconds for your website to respond back.

Log into your StopTheHacker account, and then click “Edit Service” on the right of the website you have registered for StopTheHacker’s scanning service. Then you can check/uncheck the speed and uptime monitoring boxes to enable/disable the features. If you uncheck the box for uptime monitoring you will not receive any email alerts if your site becomes unavailable. Speed monitoring does not generate any alerts.

Uptime Monitoring is a feature of StopTheHacker’s security service that alerts you if your website becomes unavailable to your visitors. You can also see the detailed status of your website’s uptime by loggin into your StopTheHacker account at https://panel.stopthehacker.com. Speed Monitoring lets you see how fast your webpages are loading, and the experience your visitors get when they view the webpage for your site in a browser. Both these features are available, free of cost to StopTheHacker’s customers who are subscribed to Website security services, professional-edition and above.

Our service prices are NOT based on the size of your website. For example, Website security services (Basic edition) start from $10/month (per site) irrespective of the number of web pages your site has.
We suggest that you purchase the popular Website security services Professional edition and higher.

Your site may have many more publicly accessible web pages or web objects than you think. For example –
Default pages hosted by your web server.
PDF files, advertisement files (SWFs) accessible via your site.
Dynamically generated pages (the URLs that end with something like ?p=120) by your content management system (WordPress) or framework (Django).

Yes, we can detect malware that only triggers when a user browses a site using Internet Explorer. We also use various IP addresses to probe a single website.
Additionally, we check for malware that triggers when a user visits from search engine web pages like Google, Bing, Yahoo, etc.

No. Several companies sell trustmarks. Some trustmarks simply prove that you are a legitimate business, or that you will respect some privacy criteria. Most trustmarks are not related to the security of the website.

No. SSL certificates have nothing to do with protection from malware attacks. SSL certificates simply prove that your site is the website it claims to be. It is a sign of a responsible business who wants to confirm their identity to the visitor.

PCI certification is a good first step towards securing your website. Unfortunately, being PCI certified does not ensure immunity to these attacks. PCI certification simply means that the website does follow some best practice guidelines. This does not ensure that a website is immune to code injection attacks, either.

Yes, they can. Hackers can even distribute malicious advertisements to advertisement distribution companies. These ads can find themselves circulated through the digital ecosystem to various benign websites which can cause good websites to get marked as malware distribution points.

Web hosting companies face a full gamut of issues they need to handle everyday. From customer complaints, billing issues, inquiries and much more. They are not always able to focus on security problems because they don’t have the time or lack the insight of focused security organizations. If you are facing issues and not getting help from your website hosting company, please send us a message, we may be able to get the priority of your case elevated.

We, stopthehacker.com, can help you out!
You may also find helpful volunteers here:
Google Webmaster Forum
Badwarebusters
StopBadware

You should subscribe to a website monitoring service in order to be notified in the case of a malware injection.
You need to assess the security status of your website applications and web server.
You need to improve the security of your website applications, such as your blogging software, online shopping cart (update applications).
You need to improve the security of your web server (update server software or operating system).

The chances are that your site was compromised using automated programs which are developed by hackers and sold on the underground black market. It is very rare that a hacker will take a personal interest in infecting a website.
Automated hacking tools do not discriminate between small or large websites. It does not matter if you own a small business or a very large one, or even if you just host a blog or a personal website. All websites are fair game for these bad guys.

Most Anti-Virus systems use signature based mechanisms. Once a piece of malware has been reported as bad, they will be able to detect it on your computer. We take a different approach. We understand the behavior of a piece of malware and then create a profile for malicious computer code. This allows us to hunt down previously unseen pieces of malware. [Read More]

Your Anti-Virus software protects your personal computer from threats. It cannot protect your website from attacks by a hacker.

Your website has a vulnerability. Think of it as a open door in your house. The hacker has used this door to enter your website and deposit malicious computer code.
Your web server has a vulnerability. If you do not host your website yourself, you need to make sure that the web server (computer) which is used to host your website is secure. Even large professional hosting companies have problems. Alternatively, If you host your own website, you can take action now by ordering a Vulnerability to Penetration Assessment.
Your login credentials have been compromised. Hackers often install programs called keyloggers on computers. these programs analyze the keystrokes you are using to type in you password and username. Once the hacker gathers this information they can login to your website silently and wreak havoc. A Web Application Firewall (WAF) will not protect you from this kind of compromise. A website monitoring system will alert you of such a scenario, however.
Third party software installations may have vulnerabilities. If your website uses an online shopping cart, blogging or forum sofware, from a third party, they may have introduced vulnerabilities into your website, which caused your site to get compromised.

Modern browsers like Internet Explorer, Firefox, Opera, Safari all consult some form of blacklist before visiting a website. If your website is listed on a blacklist, chances are that your visitors are not able to get to your website. This may incur significant lost revenue for you and may degrade your reputation.

Google is not out to hurt websites and businesses. It is simply providing an public service to Internet users. It simply offers a warning about its opinion regarding the security of your website. A cleaner and safer Internet benefits all web surfers.

It can take from a few hours to as many as 10 days to get off a blacklist. Some individuals have also reported longer time periods. If your website is on a blacklist, it is imperative that you identify the exact cause of the problem and remedy the situation correctly. A lot of webmasters cannot hunt down all traces of malware and hence stay on the blacklist for quite long.

1. Clean your website and remove any traces of malware.
2. Understand how malware was deposited on your benign website.
3. Sign up for website monitoring to prevent it from re-occuring.
4. Request a site review from Google.

As a public service, Google analyzes websites and determines if the website is distributing malware or has been reported as taking part in a phishing attempt. If your site is listed on Google’s Safe Browsing List, it might have been involved in the distribution of malware (harmful computer programs like viruses).

Blacklists contain names of websites which have engaged in malicious or annoying activities, such as distribution of malware, being an accomplice in a Phishing attempt, hosting annoying or dangerous advertisements or other reasons.

A blacklist is usually lists the names or modified version of the name (such as a hash) of a website.

The scan frequency set for business package is ‘Every hour’ whereas scan frequency is ‘continuous’ for enterprise package. You can find more details by navigating to the URL http://www.stopthehacker.com/packages. Malware scans run according to the frequencies as mentioned. Vulnerability assessment scans is provided as the very first report of the service – and then the service provides regular malware reports. To order more vulnerability scans – on demand – (there is no real limit) just send an email to support@stopthehacker.com with your account username and your website name and our team will provision a fresh vulnerability assessment for your site.

Our standard procedure for cleaning up website is

i) Initiate a malware scan on the website files.
ii) Pull out a list of infected files from the malware scan result.
iii) Remove the malicious codes from the infected files.

So the time taken to clean-up website will mainly depends on factor (i) and (iii). For auto cleanup it can take anywhere between 5 mins to 10 hours depending on the size of your site (a couple of MB versus Gigabytes of files)

Request a review of the website after ensuring the website is clean. If the website is clean, Google will take off the domain from blacklist within 2 to 24 hours. This depends on how many requests are currently queued up at Google for review, the size of your site and a few more factors.

You can visit: https://panel.stopthehacker.com/login/forgot to reset your password. Put in your account login (email) and reset your password – please check your email for the confirmation code and you will be able to set up the new password by following the instructions.

You can contact us by sending mails to support@stopthehacker.com (SMB and enterprise clients) or by calling on this number: 1-888-784-2257 (only enterprise clients).

There is no “Scan Now” functionality available inside the user dashboard. But, please feel free to drop us a line and we will be happy to run a scan anytime for you. Please send an email to support@stopthehacker.com .

1. Clean your website and remove any traces of malware.
2. Understand how malware was deposited on your benign website.
3. Sign up for website monitoring to prevent it from re-occuring.
4. Request a site review from Google.

As a public service, Google analyzes websites and determines if the website is distributing malware or has been reported as taking part in a phishing attempt. If your site is listed on Google’s Safe Browsing List, it might have been involved in the distribution of malware (harmful computer programs like viruses).

Blacklists contain names of websites which have engaged in malicious or annoying activities, such as distribution of malware, being an accomplice in a Phishing attempt, hosting annoying or dangerous advertisements or other reasons.

A blacklist is usually lists the names or modified version of the name (such as a hash) of a website.