We have been recommended by Godaddy to use their service, godaddy website protection site scanner, has anyone used it before and are there any other useful suggestions on protecting your site against malware & hackers?
Simple, we designed owned "Shell Scanner" from developers. It runs with cron job 2 times per week. So it automatically deleted all malware and shell files from any folders/subfolders under "/home". so not a single user get affected with malware attack Also Hardware level firewall and ddos protection enabled on all servers, so to hackers 'Bye Bye'
* Always update your scripts as soon as a new version or security patch is released most importantly your OS and server software * If you have administrative rights (in other words not on a shared hosting) disable any unused serviced and close unnecessary opened ports * Do or hire someone for penetration testing
Hi Nabil_kadimi, Thanks for the advices and mind sharing where to hire someone for penetration testing?
I wrote phpSiteMinder and phpSiteScanner to to just that. phpSiteMinder will scan your website for backdoor/shell scripts and other code hackers usually inject into your files. It also backs up your files, so if your site is hacked (and you'll know because phpSiteMinder will email you and let you know what files have changed), you can quickly restore the original version, (or last clean version) of the file from the backup. It also can backup your databases too. And it does it all automatically so you don't have to worry about it. Also because it runs on your webserver, it can find all the files that external scanners don't know exist. phpSiteScanner is the stand alone scanning engine from phpSiteMinder that can be used to help you identify files that may have been infected if your site has been hacked. They will work on a PHP5 webserver. phpSiteMinder requires a MySQL database.