Should I scan with a domain or IP address?
It is preferable to scan with a domain name (i.e. mywebsite.com). An IP address could contain more than one domain, including sites that do not belong to you.
What is CMS?
CMS stands for Content Management System and refers to software that is running on your website such as WordPress. We have built a scanner dedicated to these programs that provides an added value to our regular scan. We recommend you turn on this option.
How long does it take to scan a site?
It varies based on the size of your website, the type of scan you run (high-medium-low level) as well as other factors such as speed connections to your website. It can range for 10 minutes to several hours. We recommend you use the scan scheduler to run your scans at night or on a weekly basis.
What are tickets?
Tickets are issues or vulnerabilities found on your website. They are ranked by order of severity from Low to Medium to High.
How do I fix an issue?
If you click on a ticket, you will get a detailed explanation of the risks and solution you can implement to fix the issue. In most cases, you can fix the problem yourself by making the changes outlined. If you are unable to do so, you can contact SparkTrust to schedule a website consultation.
The same issue keeps coming back, how do I disable it?
If you deem a particular ticket irrelevant, you can flag it as Ignored or Closed within the Tickets menu. That way, it will not reappear on future scans.
One of the detections is wrong, how do I remove it?
Similar as above, you can flag a ticket as False Positive.
What are alerts?
Alerts are real time monitoring indicators that check for vital issues with your website. They trigger an email notification and in some cases can create a ticket (i.e. malware was discovered).
What is Malware Monitor?
This feature inspects the source code of your webpages to detect if malicious code has been injected. If so, we will let you know where we find it so you can quickly remove it before it infects your visitors.
What is Advanced Web Recon?
Hackers use search engines such as Google to identify weaknesses or private information. We use the same tricks to alert you if you could potentially be exposed by online queries.
I need help with some of the issues found, who can I talk to?
Sure. You can call our tech support line at 1-877-795-7878 at any time. A technician will be with you or call you back at your preference.
What is Google SafeBrowsing?
Google provides a service that scans websites for malicious software or activity. If your website contains any, it is very likely that it will be blocked by Google to protect internet users. In the search results, Google will display a warning: “This site may harm your computer”. If you own the website, you can request a review to have Google remove you from their blacklist, or have one of our technicians act on your behalf.
What is web malware?
Although traditionally malware has affected PCs, web malware has become the number one threat to computer users. It consists of malicious code embedded within webpages that can force a download of malware onto visitor’s computers. Hackers will inject such code on any website they can get their hands on, starting with those that are unsecure.
What are the implications of a website hack?
A website hack can have dire consequences ranging from loss of confidential data, broken trust and a drop in traffic. At the end of the day, a hacked website will cost you money either in damages or loss of business.
What are the different hosting plans?
There are thousands of hosting companies and their offering varies based on your needs. Cheap does not necessarily mean a good level of service, support or security maintenance. Also, you can chose to host your website on a dedicated server or shared hosting. The latter option is more expensive but gives you more control over access, security and updates. Shared hosting is affordable but your website will be housed with many different websites under the same roof.
What is a .htaccess file?
This is a configuration file that can control many settings for your website. For that reason, it is very often a target of choice by hackers who can edit it to add redirections to malicious URLs when someone visits your website.
How to avoid being hacked?
You can mitigate most risks by following some simple guidelines. For starters, choose strong passwords to authenticate your website and never write them down or leave them stored on your computer in plain text files. Secondly, make sure that your website uses software that is up to date. WordPress is the most popular blogging software and must be updated constantly.
What is PCI DSS compliance?
The Payment Card Industry – DSS is a standard used mainly for websites involved in e-commerce, online payments etc. If your website accept online payments, you should absolutely be compliant.
Why should I do backups?
Backups are your best friends. Bad things do happen in life, and it is better to be prepared. By doing backups you make recovering a website hack or loss a breeze. Backups are only good if done regularly (say once a week) and stored in a safe location. Also, always keep two copies, in case one of them is faulty.
What is FTP, SFTP, SSH?
These are protocols that allow you to connect to your website to make modifications, upload files, etc. As a website owner you have credentials for those various access methods and should make sure to store them in a safe location.