Malware & blacklist audits added to website vulnerability scan

Published by Vic Drover on

Malware Scan Merged

Update, August 26, 2021: This update is part of a bigger set of changes to our website management user experience (learn more).

The website vulnerability scan at Watchful is an on-demand suite of tools that help detect and manage security risks. This includes looking at security best-practices, file and folder permissions, and suspicious files on each of your websites.

From today, the vulnerability scan now includes a frontend malware scan and blacklist scan.

Doesn’t Watchful have malware/blacklist scanners already?

For many years, Watchful has offered an on-demand Malware scan that examines the frontend of your website and looks for irregularities like injected spam and website defacements. It also checks your sites blacklisted status at Google Safe Browsing, McAfee and others.

As shown below (left), the malware scan tool had been located in the drawer on the sites dashboard. This button no longer exists. The malware/blacklist tools appear in the vulnerability scan instead (below right).

Website Vulnerabilty Scan Before
Website Vulnerabilty Scan After

Why did you make this change to the vulnerability scan?

By moving the malware/blacklist scan to the website vulnerability scanner, all of the security tools are in the same place. Additionally, since the results of the vulnerability scans appear in the scan history, you can now track malware/blacklist data over time just like for the other security tools.

Here is what the vulnerability scan history looks like now with the malware/blacklist information included. Any vulnerability scans prior to July 14, 2021 will display No data in the Malware and Blacklist columns.

Vulnerability Scan History
Website vulnerability scan history.

Workflow changes

The vulnerability scan takes longer to fully complete than the malware/blacklist scan did its their own. If that time difference is important to your maintenance workflow, note that each of the tools in the vulnerability scan runs independently. You can view the results of the malware and blacklist scans well before the signature scan is complete (for example).

Alternatively, you may want to add a vulnerability scan to the beginning of your maintenance workflow. From the sites dashboard, select the sites you will be working on and the select Vulnerability Scan from the bulk toolbar at the top of the page (see below). This will add vulnerability scans to a queue. When complete, you can begin your maintenance by checking the vulnerability scan history (see above) for any malware/blacklist issues.

Bulk Add Vulnerabilty Scan
How to perform bulk vulnerability scans from the sites dashboard.

API changes for website vulnerability scan

If you are using the Watchful API to perform malware or blacklist scans (i.e. in a custom user portal), please note that the sites/{id}/scanner endpoint has been scheduled for depreciation. API users should switch to the /sites/{id}/audits endpoint.

The POST sites/{id}/audits endpoint will return an audit ID. To get the results of the audit, use audits/{audit-id}. Note that the this endpoint is an asynchronous operation. Thus, be sure to wait for the ended field to be populated to ensure the vulnerability scan is complete. Since each tool in the vulnerability scan operates independently, you may also check that the desired malware/blacklist fields. When they contain data, you may process the returned data as needed.

Learn more about the vulnerability scan

The Watchful knowledge base contains full details on the vulnerability scan.

Categories: News


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *