fb-pixel
Logo Supporthost

How to perform a malware scan of your website to find malware and security problems

November 10, 2022 / Published in:  from Ivan Messina
No comments

Want to know how to scan your website for malware or security issues?

Today we are going to see what the risks of a malware attack are, when you need to check the site and what to do to improve its security. But above all we will see a detailed list with 10 free tools to use to do an online malware scan.

How To Perform A Malware Scan Of Your Website

Why is it important to scan a site for malware?

According to data collected by Statista, there were 5.4 billion malware attacks worldwide in 2021. In the first half of 2022 alone, the number of attacks reached 2.8 billion.

Here is an overview of the data from the last 7 years.

But what is malware?

Malware: any computer program used to disturb the operations carried out by a user of a computer.

WIKIPEDIA

This very simple definition allows us to understand what it is in essence. In practice, the term malware defines a whole series of "malicious" programs including ransomware, spyware, trojans and viruses.

Speaking of computers, of course, he does not refer only to personal computers but also to all computer systems and therefore also to the servers that host websites.

Cybersecurity crimes, hacker attacks and the spread of malware are hardly new. This does not mean, however, that we can ignore or underestimate the problem.

Website Security Issues

For website owners, not worrying about security carries enormous risks.

  • Based on the attack, it is possible that the resources destined for the site are compromised and that this causes slow or often unreachable sites.
  • Users who visit your site could be redirected elsewhere, to fraudulent or dangerous sites.
  • The IP of the site can be blacklisted and consequently the emails you send will not reach their destination or end up in the spam folder.
  • As if that was not enough, attacked sites can be marked as malicious and penalized in terms of visibility on search engines. The site's security problems are, in fact, among the reasons for penalization by Google and other search engines.

Doing a reputation analysis of a website or a malware scan can help in several cases.

  1. For site owners: Helps identify security issues such as unwanted redirects, suspicious and dangerous files, or vulnerabilities that can be eliminated. Many site scanning tools also allow you to understand if we have been blacklisted.
  2. For users: allows you to understand if the site they want to visit is reliable or risky.

This guide is especially aimed at website owners who want to analyze their site to identify security issues. However, the same tools that we will see shortly can also be used by users who want to browse without risk.

When to do a malware scan

It is advisable to take strong security measures for our website. At the end of this article, we will see some good practices that can help us.

Either way, no site is ever completely safe. For this reason, tools like the ones we will see today are important because they allow us to keep the main security problems of the site under control.

Malware In The Website

In addition to a periodic analysis, there are cases where a website scan is strongly recommended: when we suspect that there may be malware.

Some signs that help us understand if our site has been compromised:

  • suddenly the site has become slow or in some cases it is down;
  • unknown files appeared between the files on the server;
  • your login credentials have been changed without your knowledge;
  • those who visit your site see advertisements that should not be there or are redirected to dangerous sites;
  • when visiting your site, a security warning appears inviting visitors not to proceed.

Also, if you have verified your site on Search Console and there are problems, you may see a warning in the "Security Issues" section.

What if the problems aren't caused by malware?

Be careful not to confuse the warning of the presence of malware with that of an unsafe site that appears, instead, when the https protocol has not been correctly implemented.

10 tools to scan your site for malware

There are several tools for scanning a website online for malware. Some allow us to crawl pages on the site for problems.

Other tools that we will see allow us to upload files to subject them to an anti-malware scan.

Please note that crawling the site with one of these tools can help us identify the presence of malware. However, the tools are not without errors, so if you are afraid that your site has been attacked by a hacker, the best option is to contact a professional or a specialized company.

This way you can not only make sure you've removed all the malicious code, but you'll also be sure you've fixed the flaw and taken the right security measures to avoid falling back into the same situation.

Let's see how to do a site crawl using these tools:

  1. Google Safe Browsing;
  2. SiteCheck by Sucuri;
  3. Quttera Website Malware Scanner;
  4. VirusTotal;
  5. SiteGuarding;
  6. Norton Safe Web;
  7. SiteLock;
  8. Astra Malware Scanner;
  9. URLVoid by NoVirusThanks;
  10. Comodo's cWatch Malware Scanner.

Google safe browsing

Google provides us with a tool for crawling the website. This function is called in several ways:

  • Google Safe Browsing
  • Google Safe Browsing
  • Google Malware Checker.

This tool is free and accessible to all without the need for registration.

Do a site crawl with Google safe browsing

The tool, accessible from here, is part of the Transparency Report.

By opening the Site Status tab, we can use the tool to scan the site and check for any compromises.

As I show you here, we just need to enter the site address and click on the magnifying glass icon to start the scan.

Google Transparency Malware Scan Report

If there is no problem, we will see a warning like this:

Google Malware Scan Result No Unsafe Content Found

What Google Safe Browsing is for

Google introduced this feature to make it easier for users to recognize unsafe sites. Whenever Google identifies a site as dangerous, it displays a warning to all users as long as they are using a browser (or an app) with Safe Browsing enabled.

From the home page of the Google tool it is possible to see an overview of the alerts that are shown by Google through the browser or in the search results.

Google Safe Browsing Overview
In this graph we see the number of alerts shown from 2010 to today.

Safe Browsing protects users in many ways:

  • it shows warnings on the browser and is active both on Google Chrome (also for users from mobile devices) and on other browsers such as Safari and Firefox;
  • protects the user during the search through warnings that appear in the search results on Google;
  • helps identify malicious links in emails by being active on Gmail.

Until April 2020, through the Safe browsing tool, it was also possible to access the Malware section which allowed us to see the sites where the presence of malware was detected. Currently you can only access the archived version of this page, with data that is no longer updated.

Sucuri

Another malware scanning tool is Sucuri's SiteCheck. Sucuri is a company that has been operating since 2009 offering solutions for securing websites and for disaster recovery, but also firewalls.

Among the many services, Sucuri also offers a free online tool for website crawling.

For those wishing to carry out a more in-depth scan of the site, there are also paid solutions such as Malware Scanning & Detection. With this service, you can access the Sucuri dashboard and scan the site on the server side to verify the site in its entirety.

Sucuri Monitoring And Detection Plan

Now let's see how to use Sucuri's free tool to scan our site for malware.

How to do an online malware scan with Sucuri

The operation is very simple: we just connect to the Site Check site, enter the address of the site we want to verify and click on Scan Website, like this:

Website Malware Scan With Sucuri Check

What kind of control is carried out?

Let's see specifically what allows us to discover this tool.

Sucuri's tool will scan the site for malware by analyzing the source code. It will also verify that no defacement practices have been implemented, to show a page instead of another, or spam injection to insert links to other sites without the knowledge of the site owner.

Sucuri Malware Scan Report

One of the main vulnerabilities of a website is that it underestimates the importance of updates.

Keeping the CMS core and extensions up to date helps us protect ourselves. This is because very often updates include patches to improve security or restore any flaws.

In this regard, the Sucuri SiteCheck comes to meet us by informing us if there are plugins and extensions to be updated or important updates of the CMS.

Sucuri also checks that the site is not on a blacklist by analyzing several lists including Google, McAfee, Sucuri Labs and Yandex.

Sucuri Website Blacklist Status Scan

The tool makes sure that there are no incorrect configurations that jeopardize the security of the website including internal server errors.

Sucuri Malware And Security Scan

In the last section of the report, we also find tips to further improve the security of the site.

Sucuri Malware Scan Results

The Sucuri SiteCheck we just looked at is free.

Other tools from Sucuri: the WordPress plugin

For those who want to have a WordPress site, Sucuri also offers a plugin available in the free or paid version.

Sucuri Security WordPress Plugin

With this plugin, you can perform a malware scan of the site, verify that the WordPress core files have not been modified, receive email alerts when problems occur, and more.

The premium version of the Sucuri plugin also allows us to activate a firewall on our site.

Quttera

Quttera offers website security solutions and offers a handy online site crawler tool.

Again, the company has paid plans offered with a monthly or annual subscription for website monitoring and malware removal.

How to use Quttera's malware scanner

The Website Malware Scanner tool works similar to the ones we have just seen.

To start the malware scan we enter the URL and click on Scan for Malware, like this:

Quttera Malware Scan

After starting the scan we will have to wait a few minutes, depending on the number of requests in the queue. From what we have noticed, compared to the tools seen so far, it took longer to crawl the site with Quttera.

Qutter Website Scan In Progress

At the end of the analysis, we will be able to access the detailed report of the scan.

In the Sitescan report tab we will find the summary with: IP address, CMS used, suspicious files found, number of external links, presence or absence in blacklists and other information.

Quttera Website Malware Scan Report

By clicking on Scanned files analysis we can view in detail the list of malicious, suspicious, potentially suspicious files and those that do not present problems.

Quttera Suspicious Content Detected

The Additional information tab allows us to get information on external links and get the whole list. It also tells us if some of the external links are included in some blacklist.

Quttera Scan Additional Information

By clicking on Sandbox request we can analyze the list of HTTP requests of the site.

Quttera Malware Scan Sandbox Request

Finally, we can check if our site has been included in a blacklist by clicking on Blacklisting status.

Quttera Scan And Blacklist Check

VirusTotal

Here is a tool that in addition to the anti-malware scan function also allows us to scan files.

VirusTotal is a site owned by Google and which allows us to crawl the site for free.

The analysis is based on more than 70 anti- virus databases and domain blacklisting services.

By connecting to the home page of the site, we will find three functions of this tool.

File: allows us to upload a file to the site to perform an antivirus scan;

URL: crawl the indicated site;

Search: allows us to crawl URLs, IP addresses, but also file hashes.

Here's how to do it.

Scan a file for malware with VirusTotal

From the File tab, by clicking on Choose file we can upload our files to scan them.

Virustotal Website Safety Check

The scan result will look like this:

Virustotal Antivirus Scan Results

Scanning files allows us to obtain information about the file type and find out if it has been marked as suspicious or dangerous.

Use VirusTotal for site scanning

We click on URL from the VirusTotal home page, enter the address we want to scan and press Enter.

Virustotal Website Malware Scan

In the Detection tab, the tool will return us an analysis of the website based on different antivirus systems.

Virustotal Scan Website Detection

By clicking on Details, we can view other information such as the HTTP status code or the type of compression used on the site. From the Links tab we can see the external links.

If there are comments left by the community we will be able to find them by clicking on Community, while the community score will be shown in the upper left corner where present.

SiteGuarding

If you want to check for malware and do a website crawl, SiteGuarding provides a free tool to do this.

In addition to offering free site crawling, SiteGuarding offers monthly plans for site monitoring, analysis and periodic crawling.

For WordPress sites, SiteGuarding has also created an Antivirus Site Protection plugin that allows us to crawl our WordPress site files. However the plugin has been removed from the WordPress directory and the version on the site hasn't been updated for over a year.

Let's see how to use the anti-malware scan tool.

Scan the site with SiteGuarding for malware

The scan tool allows us to check for malware, detect backdoors and check if our site has ended up on a blacklist.

We paste the URL we want to analyze and click on Scan Website to start the test.

Siteguarding Malware Scan

The result of the scan first offers us general information about the site, including:

  • SSL certificate;
  • IP address;
  • CDN used;
  • list of links present;
  • CMS used.

Tip: If you're having problems with your SSL certificate on the site, check out our guide to troubleshooting an invalid SSL certificate. In the article you will find the explanation on how to check the validity of the certificate using special online tools.

From the Detailed Blacklist Analyze section we can check if our site has been included in any blacklist.

Siteguarding Website Blacklist Scan

Scrolling down we find the link analysis (Link analyze) in which we can see the external links that start from the analyzed site and understand if any of these are present in a blacklist.

Siteguarding Link Analyze

Norton

Popular security management company NortonLifeLock also offers a free tool to crawl websites.

Norton Safe Web, reachable at this address, can be used directly online. In this case it allows us to enter the address of a site and check which classification has been attributed.

Norton Safe Web Malware Scan

If the site is OK, the result will look like this and show a positive rating.

Norton Safe Web Scan Results

As users, we can also install the Norton Safe Search extension on the browser, for example on Chrome.

As site owners, however, we can create an account and verify site ownership. By doing so, we will be able to access more detailed reports.

If we want to request a new evaluation of the site, we will just have to analyze the site and then click on Click here to submit a dispute, then fill in the requested information and submit the request.

Norton Safe Web Submit Dispute

SiteLock

Another website crawler tool is SiteLock. This company also offers paid plans for site crawling, malware removal, and backup creation.

From here we can access the free malware scanner. We enter the URL and click on Scan now.

Sitelock Malware Scan

In a few minutes we will be shown the result of the test with a simple report that answers these questions:

  • Are we using a CDN?
  • Have any malware been found?
  • Are we using extensions or plugins with known vulnerabilities?

If there are no security problems with the analyzed website, the result will be as in our case, here:

Sitelock Website Security Scan Result

Astra

To scan a site for viruses and malware, we can also use the free Astra tool.

We type the URL and click on Scan, like this:

Astra Malware Scanner

If there are no problems, we will see a page like this after the analysis is finished.

Astra Malware Scan Results

We may decide to email the report or request a manual scan through the paid service. Among the services Astra also offers monthly subscriptions that include scanning, use of the firewall and intervention in case of problems.

URLVoid

Among the services that allow us to identify vulnerabilities on websites is the one developed by NoVirusThanks.

The tool is called URLVoid, it's free and you can find it here.

How does it work?

We use the search field to paste the site name or URL and click on the Scan Website button.

Urlvoid Website Reputation Scan

The analysis first returns us a report with information on the domain registration date, server location, IP address and so on. In this box, looking at the Detections counts item, we quickly see if the site we searched for is potentially dangerous.

Urlvoid Security Scan Results

The tool checks the site by comparing it with over 40 databases and shows us the detailed result in the Scanning engines section.

Urlvoid Scanning Engines Reports

If we wanted to search by IP, we can use IPvoid also developed by NoVirusThanks. The tool is also free in this case and allows us to check if the IP has been included in any blacklist.

Ipvoid Ip Address Tools Online

Comodo

Comodo, a company specializing in IT security that also issues SSL certificates, provides a free tool for analyzing the site's reputation.

Comodo has in fact created the security system, cWatch web, and through this address you can access the scanner to evaluate the security of the sites.

Comodo Cwatch Malware Scan

After starting the scan, we will be able to enter our data and an email address to receive the report.

Comodo Security Scan Report

What to do to keep the site safe?

The tools we have seen in this extensive collection allow us to identify website security issues. However, in addition to taking action after damage has been done, it is a good rule of thumb to try to prevent problems.

There are several aspects to consider for website security. We covered this in detail in our guide on how to improve WordPress security. Here we go to briefly see the crucial points.

Security starts with hosting

First of all, the security of the site must be guaranteed by the hosting service provider we choose.

All our plans from shared hosting to dedicated servers rely on servers with high security measures and automatic systems to ensure protection against DDoS and other common attacks such as bruteforce.

We also provide you with the tools to:

  • perform a virus scan independently with ClamAV,
  • run a malware scan with Imunify 360;
  • always have your emails safe: we use SpamAssassin to avoid junk mail and we include a secondary MX service in all plans.

The importance of updates and backups

Many hacker attacks are carried out by exploiting security holes. Often these vulnerabilities result from failure to update the CMS or installed extensions.

One of the most important rules both when it comes to WordPress and any other CMS is to pay attention to updates. Keeping the site up to date helps improve its security.

When installing third-party extensions, you should always check the date of the last update. Also, you should always avoid nulled themes and plugins as they may have been released for the very purpose of exposing sites to vulnerabilities.

What if something goes wrong anyway?

Cleaning up a site following an attack almost always involves a rollback to a previous version. For this reason, it is good to have a backup plan and always have a recent copy of the files available.

Otherwise, the risk is to lose the changes and content recently added to the site.

A quality hosting always offers a professional backup service. If it is not included in your case, you could consider whether to change hosting, or provide a backup solution on your own.

Conclusion

Scanning the site with one of the online tools we've seen can help us figure out if there are any malware, suspicious files, or unwanted redirects. Based on the tool you choose to use; you can also understand if your site has been included in a blacklist and you can analyze individual files to see if they have been compromised.

You should periodically review the site 's security measures and do regular checks to make sure there are no problems. This applies to all sites and in particular to those that process sensitive data that could end up in the hands of malicious people.

What tool do you use for malware scans and site analysis? Do you have any other suggestions to offer? Let us know with a comment.

author image

Ivan Messina

Founder of SupportHost. With over 10 years of experience in web hosting, he works every day to improve the service and pays attention to each and every customer.

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.