What is it?
DreamHost has recently partnered with StopTheHacker to provide malware scanning and removal services to all our customers.
Here a few details about StopTheHacker:
- StopTheHacker is an industry-leading web security company.
- This service has been integrated into our web panel for easy access.
- You can find further information and helpful introductory videos at stopthehacker.com.
- We are providing a free website reputation monitoring service exclusive to DreamHost customers.
To enable StopTheHacker on your domain(s), open the StopTheHacker section in the panel.
Help! My website has been blacklisted!
If your website has been blacklisted, you'll need to identify the malware on your website and completely remove it. To troubleshoot, you now have two options.
- Contact DreamHost support, who can run a scan on your website for you upon request.
- This option provies you with helpful information on what steps to take, and may be a good option for our most advanced users. More information is available on the Troubleshooting Hacked Sites wiki page.
- Enable one of StopTheHacker's Comprehensive Malware Scanning Programs services described below.
- This option is even better for all users, and has the added benefit of continued monitoring of your website for any future malware infections. This is the recommended option for the highest level of security!
Using and Managing Your StopTheHacker Service
- Open the StopTheHacker section in the panel.
- Add new domains, or manage exsiting domains, into the service.
- For each domain, you can see the current status (Safe/Unsafe) and the current service tier.
- Adjust the service tier as needed.
- There is additional functionality in the StopTheHacker Panel including more detailed reports and the ability to configure and turn on automatic malware removal.
- To use the automatic malware removal tool, the user must use an SSH connection and enter their credentials directly into the StopTheHacker panel.
Free Reputation Monitoring
Reputation Monitoring is a comprehensive daily check on the status of your website by checking the following services:
- Google Safe Browsing List
- Other search engines, such as Yahoo and Bing
- Malware blacklists, like Malware Patrol and Malware URL
- DNS Blacklists
- Phishing blacklists like PhishTank
- Spam blacklists like SpamCop
- ...and many more!
StopTheHacker automatically notifies you when your website ends up on a blacklist, and will provide steps to help you remove your site from any search engine blacklist.
For each domain that StopTheHacker protects, you are able to see the current real-time security status from the DreamHost web panel.
Comprehensive Malware Scanning Programs
Though your Reputation Monitoring service notifies you if your site is blacklisted, the damage may have already been done. If you need an extra layer of protection against malware and more, we recommend that you upgrade to one of the premium StopTheHacker services.
StopTheHacker has four premium service levels:
Each service level (described below) provides additional safeguarding features. You can select one of these service plans by visiting the Stop The Hacker section in our web panel.
- Weekly scans of every page of your website
- Identifies previously known malware and viruses.
- Automatic notification when malware or viruses are detected on your website.
- $10 per site per month, $100 annually (two months free)
- Daily scans of every page on your website.
- Identifies previously known malware and viruses as well as previously unknown malware and viruses using a sophisticated Artificial Intelligence engine.
- Detected malware can be automatically removed as soon as it's found.
- $20 per site per month, $200 annually (two months free)
Additional security features:
- Facebook page scans
- Phishing page and PHP spam shell detection
- Website defacement detection
- Insecure folder permissions detection
- .htaccess hack detection
Additional optimization features:
- Website speed and uptime monitoring
- Website error reporting
All of the features included above, and:
- Hourly scans of every page of your website
- Application and server-level vulnerability assessment.
- $50 per site per month, $500 annually (two months free)
All of the features included above, and:
- Continous protection for the most security-sensitive websites.
- An annual security audit conducted by StopTheHacker's expert team.
- $100 per site per month, $1000 annually (two months free)
- Your StopTheHacker service is paid on a per domain basis.
- You can pay either monthly or annually for the service, and your payment is due at the time of purchase.
- We are unable to provide refunds.
- You can choose to upgrade your service at any time, and any remaining service credit will be applied towards your new plan.
- You can also opt to have your service automatically downgraded to the Free Reputation Monitoring, or any other service level, at the end of your paid service period.
- StopTheHacker must be supplied with a Shell login to be as effective as the regular Dreamhost scan. FTP will not cut it. There is currently no warning about this, but they're working on it.
- Credential verification happens on submission. If the password is reset (either shell or FTP) after giving them the credentials they are not currently able to warn users that the service is no longer as effective as it could be. If you reset your passwords, don't forget to manually update them on the STH website. .
- StopTheHacker needs all directories to have 750 permissions to run their scripts on them.