Greetings guys,
I recently setup a HTML/CSS along with PHP site plus its having security challenges…
It doesn’t matter what hosting I utilize I cannot hold those " security risks" away, (" you know the stuff of which pops up any time Norton detects threats" )
Nevertheless the real question is definitely, " How that will I protect my own visitors and my own site from most of these threats"
**edited on 8/15/2010 – this is certainly on a service provider
What’s Norton saying it’s detected
And outside interest what’s the site about
The majority of the risks are Trojan. Gens, as well as the rest are spyware and…
The main one site was resolved while i transferred the SSL qualification to my equipment, I just was required to direct it towards the new domain
Nevertheless the other one, which I’m looking to build for other people is a site to get a Faith-Based Substance Craving Ministry… And this place is being hosted with x10hosting, so while i hand it up to them, all I must do is give them control of the particular account… But that is beside the level…
The SSL Certifcate that i was going make use of on the ministry site is at effect, but were keeping the risks away… So I experimented and also transferred the SSL Certification to my host instead and things are working fine for the site on my machine…
They are the steps I took to put in the SSL Qualification on x10hosting:
1) Downloaded the primary and intermediate certificates
2) Accessed my c-panel
3) Accessed SSL/TLS Manager
4) Accessed " Generate/View/Upload/Delete SSL certificates"
5) Submitted certificates
6) Arrived to SSL/TLS Manager
7) Clicked on " Setup a SSL certificate to cooperate with your site" (and of course, this option seriously isn’t disabled)
8) Selected the sub-domain that this site is with (it did get the SSL plus private key)
9) Went to Ca Bundle and pasted the contents from the intermediate certificates and also installed the qualification…
After this I sent in a heat-ticket so they would restart Apache…
Immediately after I received discover Apache was restarted by means of request, I concept things would do the job… So I deleted all the content already on the host, (just to be sure all viruses that may have been present were gone), re-uploaded content back again onto the host after needless to say running a virus-scan about the files, and waited Twenty four hours to see should the SSL certificate seemed to be working…
Morning, there were COUPLE OF trojans. gen risks…
" Why must have the feeling the problem is a little something really dumb on my part"
Scan which includes a different AV. Sounds like Norton’s flagging the. js file, in all probability heuristically, and improperly.
There’s the thought…. hmmmm
Cover try uploading a dummy site devoid of javascript/JQuery and re-install your SSL, then I’ll wait 24 hours if the same/new threats look…
I didn’t function another AVS cause I must re-install the SSL earliest…
after the 24 hours, sad check again — if threats show up – the Unwell try AVG in it…
Fine, it has been in excess of 24 hours… Plus its looking like our own alien overlord is definitely right…
If its my. js files causing this, then what functions could be triggering the menace… or is the item just the source connection to the. js document cause this
Something specific from the. js most in all likelihood. Heuristic testing does this all the time.