Webcraft Daily - News, rants and expert advice by Internet developers for Internet developers.

What do a photography site, a web referral site and diesel fuel site have in common?  They have all been identified as sites that attempt to install malicious software on we user’s computers.  For the record, I am not affiliated with any of these websites nor with any of the companies who have identified these sites as serving malware.  The sites are:

www.supermodels.com

www.referral-secrets.com

www.dfwdiesel.com

As you can see, all three sites have been rated as possible security risks.  The point of this article is not to point out sites that serve malware, but to show webmasters that their sites can be “black-listed” without them ever knowing.  For the sake of our discussion I am going to assume (perhaps mistakenly) that all the sites I mention in this article are intended as legitimate sites and to provide some useful product or service to web users.

Let’s say that you have a website where you write an article about sites that spread malware, and then you provide links to these sites as a warning to your readers.  McAfee’s Site Advisor, along with others, will probably flag your site as a possible risk.  This very thing happened to the SANS Institute (one of the most respected computer security organizations in the industry). 

In August 2008 McAfee’s Site Advisor blacklisted SANS and warned about potentially harmful malware on the site.  Fortunately for SANS, their webmaster had the phone number of point-of-contact at McAfee.  But what do you do if you don’t happen to have this kind of “insider” clout?  How can you get your site “de-listed” from these blacklists?  How long and how difficult is this process?  Well, McAfee’s site promises to reassess sites between 10 and 365 days once they receive a complaint about a bad rating.

Yes, that’s right, it can take up to an entire year for them to change a site rating!  And what happens to potential customers who land on your site only to be greeted with a huge banner exclaiming the potential risks of your site?  Rather than give you example after example of this system gone wrong, I think it better to offer actions that you can take to prevent these things from happening.

1)  The first step is knowing that your site has been blacklisted.  In the SANS example above, it was a security advisor, not McAfee (or even SANS), who first noticed the rating.  Your first chore is to check to see if any of the site rating services has blacklisted your site, not an easy task because there are dozens of these “reputation based filtering” services around (complicated because they all have different methods for rating sites and complicated still further because some don’t review sites with adult content).  But start with some of the most popular services: McAfee Site Advisor1, Norton Safe Web2, Web of Trust3 and hpHosts4.

2)  Check with your web host to see if they employ Shared hosting or Virtual Hosting.  Either of these techniques could subject your site to a rating from another web site sharing the same IP.

3)  Regularly check to see if ANY content on your website has changed.  And by “changed” I mean not by you! Some of the worst malware sites are actually legitimate sites whose owners simply don’t watch the store. Websites cannot be “set it and forget it” any longer!

4)  If your site has been blacklisted, take quick, decisive action.  Document what the rating software found and seek professional (legal and computer security) assistance immediately.  The longer your site goes without being fixed, the longer it will take for the companies to remove it from the blacklist.

5)  Finally, as a last resort, if you simply don’t where to turn, you can drop me an email and I will help as I am able.

No related posts.