Website Security Posture Check
WSPC Service
In the digital era, website security is essential to a company’s credibility and sustainable operations. While many companies focus on inline real-time traffic protection, website security assessment, and monitoring services are equally important.
AIONCLOUD recognizes this necessity and offers various security functionalities through its website security assessment and monitoring solution, WSPC.
The WSPC service continuously checks the security status of websites by performing malware scans and monitoring blocklists, SSL certificates, and DNS record changes.
It helps identify potential threats in advance and enables timely responses.
Malware Scanner
Attackers often inject malware into websites to achieve various malicious objectives such as data theft, phishing attacks, ransomware distribution, botnet construction, SEO spam, or damaging a competitor's reputation. Popular websites with high visitor traffic are prime targets for such attacks, as attackers seek to steal sensitive information or reap financial benefits.
If malware is embedded in a website, it can lead to severe consequences such as data breaches, loss of brand trust, search engine blacklisting, and website downtime.
AIONCLOUD WSPC scans websites in an environment identical to that of actual visitors and performs a comprehensive page-by-page analysis to detect any malicious content that may have been inserted into the web server. The service offers automated, regular scans to analyze malware or suspicious activity and sends immediate alerts when malware is detected, helping website owners take prompt action.
Blocklist Monitoring
Being listed on a blocklist(blacklist) can severely harm a website’s security and its brand reputation. When an attacker injects malware or distributes spam content through a website, it may end up being listed on multiple blocklists, which can result in the site being removed from search engine results or displaying warning messages to users.
Security solutions referencing these blacklists may block access based on flagged IP addresses, domains, or URLs, significantly impacting service availability. This can reduce the visibility of the website and create a negative perception among potential visitors.
AIONCLOUD WSPC continuously monitors whether a website has been listed on blocklists and provides real-time visibility into its status. The service checks the website’s standing against multiple major blocklists and databases, quickly identifying any registration and notifying the website owner immediately.
SSL Certificate Monitoring
SSL certificates are crucial for encrypting data transmission between a website and its users. If a certificate expires or has a vulnerability, user data may be exposed, potentially harming the website’s credibility and availability.
This issue is particularly common in large enterprises, where security and system operations are handled by separate teams. Even if the server certificate is renewed, the security solution’s certificate renewal might be overlooked, leading to potential security vulnerabilities or service outages due to certificate expiration.
AIONCLOUD WSPC continuously monitors the status of SSL certificates, tracking expiration dates and security settings in real-time. The service validates certificate integrity and provides immediate notifications if issues arise, ensuring the website’s security is maintained.
DNS Record Monitoring
DNS records translate a website’s domain name into an IP address, enabling connectivity between users and the website. Accurate DNS records ensure the availability and accessibility of the website, but any tampering or omission of DNS records can lead to access issues and pose serious security threats.
In large enterprises, DNS management can be complex due to the separation between security and system operations, leading to delays or lapses in reflecting DNS changes. DNS configuration errors may cause temporary downtime, and in severe cases, attackers can exploit DNS spoofing to leak user data or distribute malicious content. Additionally, improper DNS record management may disrupt email communications or affect other services.
AIONCLOUD WSPC provides DNS record monitoring to continuously check domain DNS configurations and track any suspicious changes in real-time. The service helps identify issues early and maintain the security of the website.
Website Management Menu
This is the website management menu where you can view the list of sites registered in WSPC, add or delete sites, and verify site ownership.
① Add Registration : A button that takes you to the "Website Registration" page, where you can register a new website.
② Website List : A list of websites that can be scanned by WSPC.
Websites that have not been verified for ownership will display a Ownership verification required button. You can click the Ownership verification required button to complete the verification process. Ownership verification can also be done during the site registration process.
When you click on each site in the list, the most recent scan information for that site will be displayed.
- Malware
This is the malware scan status information.
The malware scan has not been conducted yet.
No malware was detected in the last malware scan.
One or more instances of malware were detected in the last malware scan.
- Blocklist
This is the blocklist scan status information.
The blocklist scan has not been conducted yet.
These are the blocklist scan results. It checks if the website is listed on major blocklists, and the number of listings is displayed accordingly.
- DNS
This is the DNS scan status information.
The DNS scan has not been conducted yet.
The registered record matches the DNS scan results.
The DNS scan results differ from the registered DNS records. You can view the updated record information on the Scan > DNS page.
- SSL
This is the DNS scan status information.
The SSL scan has not been conducted yet.
The registered certificate matches the result of the SSL scan.
The registered certificate differs from the SSL scan result. You can check the updated certificate information on the Scan > SSL page.
A warning will be displayed if malware is detected, if there are changes in DNS or SSL information, or if the website is found on a blocklist.
This is a button that allows you to navigate to the malware scan settings for the site.
This is a button that allows you to delete the site.
This is a button that allows you to navigate to each scan page.
Add Website
To use the WSPC scan feature, you must register your website.
Before registering your website in WSPC, please make sure to check the following information in advance.
- The type of website you want to register (root domain or subdomain)
In AIONCLOUD WSPC, as shown in the image below, a domain with a prefix like "www" is considered a "subdomain," while a domain without a prefix is considered a "root domain."
For root domains, you can register records in the DNS settings and use the DNS scan feature of WSPC.
However, DNS scanning is not available for subdomains. - Protocol
If you register an HTTPS website, you can register a certificate to use the SSL scan feature of WSPC.
On the other hand, HTTP websites cannot use the SSL scan feature of WSPC.
① Go to the Add Website Menu
To register a new site in WSPC, go to the "Website Management" menu and click the Add Website button in the upper right corner to navigate to the website registration page.
② Check the Website
Enter the website you want to register and click the Check Website button on the right. During the website check, the following validations are performed:
- Website connectivity
- Website duplication
- Redirect status
If the entered website redirects to a different URL, you will be prompted to confirm whether you want to register the redirected URL, as shown below.
Clicking the OK button will proceed with registering the redirected URL, while clicking the Cancel button will register the website using the original URL you entered. If you click Cancel, the malware scan will not be conducted.
Once the website check is complete, please click the Next button to continue with the registration process.
③ Verify Ownership
To use the WSPC scan feature, you must verify the ownership of your website.
① Click the File Download button to download the ownership verification file.
Upload the downloaded file to the Web server directory path.
② Once the file has been uploaded, click the Ownership Vweification button to complete the verification.
If the verification fails, ensure that the path is accessible.
③ After the ownership verification is completed, click the Registration button to finish registering the website.
You can register the website without ownership verification, but the WSPC scan feature will not be available. If you did not complete ownership verification during registration, you can continue the process later in the Website Management page.
If ownership verification was not completed, you can click the Verify Ownership button in the website list and proceed to the ownership verification page, where you can complete the verification process in the same way.
Scan > Malware
The Scan > Malware menu allows you to initiate malware scans in WSPC or review the scanned information.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Scan Basic Information: This section contains basic settings and schedule information for the scan. Automatic scan and notifications can be adjusted in Settings > Auto Scan Settings.
③ Website Status : This displays the current scan information or the status of the last scan.
When a scan is in progress, the screen will display as shown below.
When a scan is in progress, you can check the Total URL Count, Malicious URL Count, and Scan Progress.
You can cancel the scan by pressing the button.
If malware is detected, you can view detailed information about the detected malware.
④ Lookup Date : You can specify the date for the malware scan report you wish to view.
⑤ Scanned URLs : This shows the total number of scanned URLs. You can click to view the list of URLs.
You can search and view information about the scanned URLs.
Click the CSV button to download the URL information in CSV format.
⑥ Infected URLs: This shows the total number of infected URLs. You can click to view detailed information about the infected URLs.
⑦ Start Scan: Initiates the malware scan for the website.
Scan > Blocklist
The Scan > Blocklist menu allows you to view the blocklist scan information in WSPC. The blocklist scan is only supported for automatic diagnostic scans.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Scan Basic Information: This section contains basic settings and schedule information for the scan. Automatic scan and notifications can be adjusted in Settings > Auto Scan Settings.
③ Lookup Date : You can specify the date for the blocklist scan report you wish to view.
④ Blocklist Scan Results: This is the list of blocklist scans.
Scan > SSL
The Scan > SSL menu allows you to perform SSL certificate scans in WSPC and review the scanned information.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Certificate Information: Click the View Certificate button to check the details of the currently registered certificate.
③ Scan Basic Information: This section contains basic settings and schedule information for the scan. Automatic scan and notifications can be adjusted in Settings > Auto Scan Settings.
④ Lookup Date : You can specify the date for the blocklist scan report you wish to view.
⑤ SSL Certificate Scan results: This is the list of SSL scans.
⑥ Start Scan: Initiates the SSL certificate scan.
The SSL scan feature is only available for HTTPS websites. You must register a certificate in Settings > Certificate Settings in order to perform the scan.
Scan > DNS
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Record Information: Click the View button to check the details of the registered DNS records.
③ Scan Basic Information: This section contains basic settings and schedule information for the scan. Automatic scan and notifications can be adjusted in Settings > Auto Scan Settings.
④ Lookup Date: You can specify the date for the DNS scan results you wish to view.
⑤ DNS Record Scan List: This is the list of DNS scans.
Scan > Malware Scan Setting
The Settings > Malware Scan Settings menu provides configuration options for malware scans for specific websites.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Crawling Depth: You can set how many levels deep the scan will follow links starting from the website. The higher the depth, the deeper the scan goes into web pages, but this also increases scan time. Setting the depth too high can lead to performance degradation, so it's important to choose an appropriate value.
③ External URL: You can choose whether to scan external domains beyond the current domain. Scanning external URLs is useful for detecting malware that might enter through external links.
④ Scan only newly added or changed URLs: You can configure the scan to skip URLs that were already scanned in previous scans and only scan newly indexed or modified URLs. This improves scan efficiency and avoids redundant tasks.
⑤ User Agent: Set the User-Agent for the WSPC scan. The User-Agent identifies the scanner when making requests to the web server and can help avoid blocks or receive different responses depending on the website.
⑥ Direct IP: This option allows the scan to directly target the web server's actual IP address without going through proxies like WAAP.
⑦ Directory exception: You can exclude specific directories from the scan target. This is useful for excluding sensitive, unnecessary, or internally protected directories.
⑧ Extension exception: This feature allows you to exclude specific file extensions from the scan, preventing scans of unnecessary file types.
⑨ Regex exception: You can use regular expressions (regex) to exclude URLs with specific patterns from the scan. This setting efficiently filters consistent URL formats, avoiding repetitive or unnecessary scans.
⑩ HTTP Authentication: You can set HTTP authentication to access web pages required for the WSPC scan. The available authentication types are as follows:
- Basic: A standard authentication method that sends the username and password encoded in Base64 to the server.
- Digest: An authentication method that enhances security by using encrypted hash values.
- Form: An authentication method where credentials are submitted through form fields on a login page.
Scan > Certificate Setting
The Settings > Certificate Settings menu allows you to register the SSL certificates required for SSL scans and configure certificate expiration notifications.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② SSL Certificate Upload: Upload the SSL certificate required for the scan. You can register the website's certificate by clicking the Upload SSL Certificate button.
③ SSL Certificate Expiration Notification Settings: This feature provides notifications in advance of the expiration of registered SSL certificates. Based on the configured settings, you will receive notifications at intervals of 120 days, 90 days, 60 days, 30 days, and 7 days before the certificate expires.
DNS Setting
The Settings > DNS Settings menu allows you to register and manage the DNS records required for DNS scans.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Add DNS Record: You can add DNS records to be scanned. After entering the record type, name, and value, click the
Add New Record button to include it in the scan targets. The types of records you can add are as follows:
- A
- AAAA
- CNAME
- CAA
- LOC
- MX
- PTR
- SPF
- SRV
- TXT
③ Target DNS Record List: Displays the list of added DNS records. Each registered record includes information such as type, name, and value. You can also click the Import DNS Zone File button to load a DNS Zone file, allowing you to add and manage records in bulk.
Scan > Auto Scan Setting
You can configure automatic scans for Malware, Blocklist, SSL, and DNS, and set up notifications for any issues detected during the scans.
① Site Selection : This is the site you are currently viewing. You can click it to switch to a different site.
② Auto Scan Items: Select the items to be automatically scanned, with SSL scans unavailable for HTTP websites, DNS scans unavailable for subdomain websites, and blocklist scans limited to automatic diagnostics.
③ Auto Scan Cycle: Set the frequency for the automatic scans.
④ Notification Settings: If issues are detected during the automatic scans, a notification email will be sent to the registered email. The issues include:
- Malware Scan: A notification is sent if malware is detected.
- Blocklist: A notification is sent if the website is listed on major blocklists or if the risk score is high.
- SSL Scan: A notification is sent if the scanned certificate information differs from the registered certificate information.
- DNS Scan: A notification is sent if the scanned DNS record information differs from the registered record information.