Virusdai - an antivirus for sites for which it is not a shame



    This is, for the most part, an advertising post since it is the first on our blog. After the first acquaintance, we will write here about the architecture of defense systems, anti-virus algorithms and interfaces.

    In 2012, we decided to create the most convenient tool for protecting and combating viruses on websites, and now, today this project has grown into a service that we are not ashamed to talk about.

    It is no secret that a site’s infection with a virus does not bode well for its owner, and the problem of eliminating and preventing infection of sites is becoming more urgent every year. In most cases, the webmaster has to solve the infection problem.

    It was for such webmasters that we created the Virusdai service, which not only saves time when searching for malicious code and eliminating infection of sites, and often allows you to forget about such problems. Just trust the antivirus machine and the firewall.

    What is Virusdai?


    Virusdai is a cloud-based antivirus for websites and a firewall that allows you to automatically clean sites from viruses, protect against repeated infections, attacks, XSS / SQL injections and suspicious activity.

    The service is intended for webmasters, web studios, SEO professionals and website owners who prefer to spend a minimum of time (or not spend at all) and energy to find and eliminate the sources and consequences of infection.



    Virusdai automatically detects and eliminates malicious code in PHP, HTML, JS, system files and files disguised as images, and after treatment, the user's resource remains operational. The service can work immediately with many user sites and does not require installation or configuration.

    Virusdai comfortable



    Easy to use.
    To get started, you just need to add a new site to the list on the service and synchronize it. To do this, it is proposed to download and place a unique * .PHP file for each user in the root directory of the site. The service will do the rest itself, and you can simply control the processes and manage everything through the panel.


    Automatically eliminates malicious code.
    Anti-Virus not only allows you to find malicious code, but also eliminates it in automatic mode. At the same time, Virusdai can not only delete entire files, but is also able to accurately cut out fragments of malicious code, while maintaining the resource’s operability.


    Doesn't leave its users alone with the problem
    There are times when Virusdai can not cope with the infection found in automatic mode. However, here the service will not leave you alone. Firstly, you can use the built-in editor, in which the found code fragment will be clearly highlighted and independently decide on the removal of the desired piece. Secondly, you can ask technical support of the service to analyze the detected threat and eliminate it.


    One-click protection
    To reduce the likelihood of re-infection of the site and the consequences of attacks, Virusdai allows you to set a firewall on the site with one click. Data on the results of its work are displayed in the control panel of the corresponding site on the service. The firewall is a standard feature set of the Virusdai service.

    Toolbox


    We tried to create a convenient space for webmasters on the service and expanded the basic functions of the antivirus and firewall with additional tools: a file manager, a file editor and a list of exceptions. Now let's talk about everything in a little more detail.

    All work with sites on the service is carried out from a list to which you can add an unlimited number of them and define for each interval the automatic checks and other settings (automatic treatment, exceptions, etc.). Also, from here you can run site checks and make quick settings.



    To go to work with the tools of each site, just click on the desired block in the list - the toolbar of the desired resource will open.

    1. Antivirus


    The anti-virus section displays detailed information about infected and cured files, errors, their number and time of checks. The last / current operation is displayed in a large antivirus block at the top of the page. The status of the site has color coding. Red - threats detected. Yellow - sync error. The automatic treatment switch is located here (in addition to the mandatory presence in the general list of site settings). If automatic disinfection is turned on, the threats found will be automatically eliminated when the site is scanned.



    Virusdai may not eliminate all threats it detects automatically. Anti-Virus does not treat detected Suspicions, and detected Infections can be cured automatically or not. This is due to the fact that it is not always possible to formulate with guarantee the rules for determining the exact fragment of malicious code, upon removal of which the health of the resource will be preserved.

    Even in this case, you can look for the found malicious code (the code is highlighted) in the file editor (which can be accessed from the scan / treatment report) and fix it manually or request a solution from the support service.

    With automatic disinfection, a backup copy of files that are changed (or deleted) by the antivirus is always saved. It is possible to restore the file to the “before treatment” state from the file editor by going to it from the report.



    In addition, Virusdai monitors the site being blacklisted by Google and Yandex Safe Browsing. This opportunity allows you to be sure of the success of the treatment.

    If the site after treatment does not disappear from the black lists (and Virusday cannot find any threats), you will be asked to contact the technical support of the service, where the specialists of the anti-virus database department will deal with this issue (in the future we will improve this scenario and eliminate the need to write a request for this occasion).

    2. Exclusion List




    To ignore certain site files during the scan, we implemented an exclusion list into which you can add a file from both the scan / disinfection report and the file manager.

    3. File Manager




    For convenience (especially if the sites are physically located on different servers) we made a built-in file manager that can be used to get a clear picture of the infection (markers of affected directories / files are displayed in the file structure).

    From the file manager (as well as from any scan / treatment report), you can go directly to viewing any resource file in the built-in file editor.

    4. File Editor




    In the file editor, you can see with your own eyes the found malicious code and make quick editing of the content yourself. Malicious code will be highlighted when viewing a file in the editor.

    Here you can also change the rights to the file and restore from a backup created automatically during disinfection.

    5. Firewall


    The only tool that is still at the stage of debugging and testing is the firewall, which we included in the main functionality of the service. It is available today for sites on the management systems Joomla, WordPress, Drupal, DLE, Bitrix, ModX, Yii framework, Opencart, NetCat, CS.Cart, AmiroCMS, HOSTCms and Magento and can reduce the likelihood of successful DoS attacks, XSS / SQL injections and downloads suspicious files.



    The firewall is automatically installed on the site when the switch is switched to the on position. All data on the firewall is displayed in the site panel.

    Where are the diamonds from?


    We are convinced that good service should be paid, because quality requires a constant investment of serious resources. Therefore, Virusdai is a paid service. It allows you to check any number of your sites (including scheduled ones) for free. Paid services are treatment and protection. At the same time, the price of using the service is so much lower than the cost of services offered on the market today, that it’s even inconvenient for us to write about it here. In addition, we have several affiliate programs that make using the service even more interesting.

    Anti-virus database


    From the very beginning, we understood that automatic treatment is, first of all, high-quality detection rules. It is not enough just to detect the presence of malicious code, it must be removed so that the resource is not compromised. We pay very much attention to this aspect of the service. Today, the anti-virus database is updated by our anti-virus database department, and also uses several third-party SDKs. In addition, any user of the service can send us the malicious code they found for analysis and, possibly, an appropriate detection / elimination rule will be created on its basis.

    What will be tomorrow


    Virusday service provides its services not only to webmasters. For search engines, Internet companies and large web projects, we have created a service of surface scanning of sites for the presence of Virusdai.Bot threats. The service is accessible through the API and allows you to quickly check the HTML and JS files of the site that are accessible "outside" for infections and, in addition, conducts behavioral analysis, for example, establishing the presence of a mobile redirect.

    Also, today at the facilities of one of the hosting providers, the server antivirus Virusday is being tested. The server that we created as a result of research work. While this is still a prototype, but probably Virusdai. The server will turn into a full-fledged product this year.

    Every day we work to improve the existing service. A lot of changes are made to it daily, for the most part hidden from the eyes of users, but affecting the efficiency of its work. Once a week, we make changes to the interface, optimizing scenarios for interacting with it. We still have a lot to do, but it only inspires us.

    Now that we have introduced the service to you, we can talk about its architecture in the next post.

    Also popular now: