Welcome to WebmasterWorld Guest from 3.92.92.168

Forum Moderators: open

Is there any spamware/malware software for static HTML sites

     
3:50 pm on Oct 18, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


I have many sites on bluehost VPS and they charge a lot for their malware software.
5:10 pm on Oct 18, 2019 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Aug 30, 2019
posts:147
votes: 29


Hello-

Static HTML files can be compromised too. If hackers succeed to have access to your VPS, in a way or another, they can modify your static HTML as well. This would require the hackers to have access to your FTP, sFTP, etc... or/and SSH. Eventually, they can also exploit security hole at the level of the web server software (apache, nginx, etc...).
5:39 pm on Oct 18, 2019 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:4561
votes: 363


Are you still battling the phishing pages problem you had reported previously here? See: [webmasterworld.com...]

If you are in doubt about having more problems you can go back there to check your site. I am surprised if that same problem returns because Google would check your fix to be sure it was OK before accepting your sites again.
5:43 pm on Oct 18, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:3022
votes: 214


The security hole will not be in the HTML, so not in the site per se. They will be in the web server, or the OS, or other things running on the same server.

What OS are you running on your VPS? In general you barely need anti-malware on Linux or Unix and there are free and open source options, so you should not be buying licences for anything expensive.

If this is the same problem as in your other thread:

1. You could consider setting up a new VPS and copying the content over. Cleaning up a VPS after its compromised can be quite difficult.
2. You could consider switching to shared hosting. It can be pretty cheap even for multiple sites these days.
6:13 pm on Oct 18, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15936
votes: 889


they charge a lot for their malware software
This sounds like a landlord who has never once changed the locks to enter the building, no matter how many reported breaches there have been, and instead asks tenants to pay through the nose for optional-extra security systems. Sometimes your best option is to move.
6:33 pm on Oct 18, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10573
votes: 1125


^^^ Best advice!

Your host should have these things in place, not just for your, but for their business as well!
6:44 pm on Oct 18, 2019 (gmt 0)

Preferred Member from CA 

Top Contributors Of The Month

joined:Feb 7, 2017
posts:579
votes: 60


I have experience with BH, shared hosting, but with Wordpress. I recommend moving. My customer was hacked but not through WP. We never found out how. The site was intact but a huge amount of extra php files detected all over the install. BH's shoulder shrugs were not helpful.

Static html files hacked? Really? You'd need to break into the OS first, and the owner can simply re-upload the files. I would not pay for additional protection for static html files.
11:39 am on Oct 19, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:3022
votes: 214


This sounds like a landlord who has never once changed the locks to enter the building, no matter how many reported breaches there have been, and instead asks tenants to pay through the nose for optional-extra security systems. Sometimes your best option is to move.


I would agree if it was shared hosting, but this is a VPS. The whole point is that you configure it the way you want, and if its unmanaged you take complete responsibility.

If it is a managed VPS then it depends on exactly what they are planning to do. Unless your sites are a target that need better than usual security, then I would say its part of what you are paying for already.
11:43 am on Oct 19, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:3022
votes: 214


You are usually better off putting static sites on shared hosting. I did put a new static site on a VPS yesterday but I need the VPS anyway so its not much extra work.