The provision of web hosting services has always involved having to 'manage' various threats from hackers, spammers, virus outbreaks and just plain bad software. Webcity engineers and admins spend a very significant portion of their time on tasks related to protecting against these threats or repairing damage caused by them.

Over the last few months we have run a specific project aimed at stopping the increasing number of cases where accounts are compromised through the account holder's home or work computer. This generally involves users getting infected with a virus or malware program which then proceeds to capture the FTP password and then uses it to upload content to the user's web site which does one of a number of unwanted things. Some terms used to refer to these types of infections are Gumblar, IFRAME, JS hacks.

The solution we have developed now scans all uploaded files and looks for certain 'signatures' which indicate the likelyhood of a compromised account. The system will then notify our admins so we can investigate further. This has been running on a number of servers very successfully, and will now be rolled out accross all servers. Webcity reviews the signatures file regularly to add new variants.

This project is in addition to software we have already in place that scans user accounts for other telltale signs of an infection or likely entry points for hackers, such as globally writeable directories.

As of this month, we have also launched a new product, Protect My Site, which does further tests on user accounts. It will scan accounts more regularly, it will scan for obvious vunerabilities, as well as a wider range of virus/hacker signatures. It also scans for outdated software with known security flaws and will email the account holder with all of the above findings as well as suggested fixes.