Sign Up
Login
What is ThreatSign! — Website Anti-Malware Dashboard?
ThreatSign! is an all-in-one cloud-based Website Anti-Malware product which detects and blocks malicious and suspicious activity on a website helping companies to manage cybersecurity risks efficiently and with no hassle. The ThreatSign! provides Web Application Firewall (WAF), real-time website malware monitoring, scanning and instant notifications that allow you to act quickly upon active threat detection. It doesn't require an installation. The setup is quick, simple and straightforward. Once registration is completed, you will be able to access your account via a dashboard. The dashboard is the web UI interface that allows you to enable website protection against cyber attacks, setup periodic security scans, customize monitoring settings such as report notification, initiate a re-scan request, view scan reports, contact support team, request malware & blacklisting removal and more. It is easy to use and accessible from anywhere. It saves your time, and it does not require specialized knowledge to manage it.
As a business owner, your website is one of the most critical ways you communicate with your clients and the public at large. With so many cyber attacks recently, your website security and your visitors' safety are top priorities. Sometimes, taking all precautions in managing users' database, protecting server info, and managing upload directories and in other routine activities still fails to avoid hacking. That's why businesses from over 32 countries choose ThreatSign! as their Security as a Service (SECaaS) provider to protect their websites from cybercriminals and online threats. There are no 100% hacker-proof web resources. In this case, if you don't act fast, the consequences are very unpleasant. Monitor your websites for malware with our client-side and server-side malware scanners, enable Website Application Firewall to block malignant requests to your site, regularly check blacklisting status and DNS/IP records of your domain in the emailed reports and in your user dashboard UI. These and other vital defenses provided by ThreatSign! ensures your team gets notified promptly each time any signs of suspicious activities are detected. Our team of top information security experts is at your service whenever you need help. Avoiding blacklisting and traffic loss with website anti-malware platform is essential because it allows you to run your business smoothly, building trust in cyberspace.
How to add a website to External Monitoring (HTTP/ HTTPS) - Client Side malware scanning?
It is very simple. The rule is: Monitor == domain to scan.

Please follow these steps to add the new domain to monitor:
  1. In the Control Panel of your dashboard click Add Monitor
  2. Fill in the form and then click Create button. Make sure you get confirmation with a link to monitor details.
  3. Activate the monitor
An activated monitor will enter the scan queue automatically.

Create External Monitoring (HTTP/ HTTPS) - Client Side malware scanning for a website

Fill in the form and click Create button

Additional capability of the External Monitoring
You will notice other new fields in your Monitor configuration which are optional but can be useful or even required depending on your system settings.

Username (optional) - sets a username when access to the scanned URL content requires identification
Password (optional) - sets a password when access to the scanned URL content requires identification
HTTP agent (optional) - sets an HTTP agent when access to the scanned URL is permitted to certain HTTP agents only
Crawler type - sets the type of the crawler to use when downloading the URL content:
  • qrobot - (default) Quttera proprietary Distributed Heuristic Crawler type - It uses Page Rank algorithm for its increased efficiency and quality. The benefit of distributed heuristic web crawler is that it is robust against system crashes and other events. Supported by a majority of the hosting platforms.
  • wget - Focused Crawler type - downloads the pages that are related to each other. It is also known as a Topic Crawler because of its way of working. The focused crawler determines the following – Relevancy, Way forward. Should be used if your website set on a low spec hardware.
Crawler workers (0-10) - sets the number of the crawlers to use when running on-demand or scheduled scan job
SSL version (for HTTPS only) - sets the exact version of SSL algorithm (use only if qrobot fails to auto-detect it)
Scan type - sets the malware scan sensitivity level:
  • Heuristic - detects both known and unknown (Potentially Suspicious and Suspicious severities) threats as well as anomalies and behavioral-based detection. (default)
  • Normal - detects only the known (Malicious severity) threats
How to add a website to Internal Monitoring (FTP/ SFTP) - Server Side malware scanning?
You can now scan your website for malware and threats internally (Server Side Scanning). Just go to Submit Internal Monitoring (FTP/ SFTP) Setup Request in your ThreatSign user dashboard UI, fill in the form and then click Submit.

You will receive a confirmation notification once the internal scan setup completed successfully.
The default malware scan interval for the internal monitor is 24 hours.

You can access the Internal monitors status on the following views: Dashboard, My Monitors, and Recent Malware Scan Reports.

Create Internal Monitoring (FTP/ SFTP) - Server Side malware scanning for a website

Fill in the form and click Submit button

How to add a website to Internal Monitoring (HTTP/S) - Server Side malware scanning?
  1. In the Control Panel menu click Add Internal Monitor
  2. Fill the form and click Create button
  3. Once the monitor is created, click Show monitor details to open Monitoring Parameters panel
  4. Check the I confirm that I have a full website backup checkbox and click Download Installer to download mbinstaller.php file
  5. Upload the downloaded PHP file to the root directory of the website
  6. In the Monitoring Parameters panel click Engine->(Re)install engine to open the Malbuster Engine Installation panel
  7. Upon successful installation, you should be able to see the version of the installed engine. If installation failed, please contact Quttera support team for help.

Create Internal Monitoring (HTTP/S) - Server Side malware scanning for a website

Fill in the form and click Submit button

Uptime & DNS/ IP Monitoring
You can set up the Uptime monitoring for your domain to track: HTTP timeouts, IP changes (Configured IP vs Resolved IP), and DNS record modifications. You can access the Uptime monitoring status on the following views: Dashboard and My UpTime Monitors.

Review or Modify the uptime monitoring and DNS/ IP integrity checks

Use toolbar commands to access website DNS/ IP configuration, review uptime statistics or edit the parameters of the monitor.

Settings:
  • To turn On/Off the uptime monitoring, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and select the desired value for the Uptime monitoring options menu. The ThreatSign platform will send both the timeout and the back up alerts to the Notification email address. The timeout alert will be triggered based on the value set in HTTP timeout (30-90) secs options menu.
  • To set the DNS record of the Monitor, please select Edit Parameters of the External Monitor to open the Monitor configuration dialog and enter IP address into the Host IP address (to track DNS attacks) input window or accept the automatically detected value.
Reporting:
  • You can access the Uptime report view for the monitored domain by clicking the Review uptime statistics button next to the corresponding monitor in the My UpTime Monitors view.
  • You can access the Monitor DNS settings view for the monitored domain by clicking the Review DNS settings button next to the corresponding monitor in the My UpTime Monitors view.
How to remove the website from malware monitoring?
In order to stop malware monitoring for a website, you can:
  1. Delete the monitor (removes the domain from the system)
  2. De-activate the monitor (suspends the periodic scan)
Please follow these steps to delete monitor:
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page click Delete button to get the Delete Monitor confirmation page
  4. Click Confirm button to proceed with the deletion

My Monitors section

Quick access toolbar allows to Configure, Suspend(deactivate monitoring) and Resume(activate monitoring)

Monitoring Parameters

Review and edit configuration of the monitor

Please follow these steps to de-activate monitor:

Option A
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page click Suspend button to get the Monitor suspension status confirmation page
Option B
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to suspend its periodic scan jobs
How to create malware monitoring for multiple domains?
Instead of adding monitors one by one, as described above, you can create a text file with domain names and upload to your ThreatSign! user dashboard UI.

Please follow these steps to add multiple domains to malware monitoring:
  1. In the Control Panel of your dashboard click Add Multiple Monitors
  2. Select a file with the domain names (one name per row)
  3. Fill in the form and press Create button. Make sure you get confirmation with list of all websites and created monitors.

Create malware monitoring for multiple websites

Fill in the form, upload the file with domain names and press Create button

Managing scheduled malware scan for the website?
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page click Edit Configuration button to access Monitoring Parameters
  4. Select the desired value in the Periodic scan interval(in hours) options menu and click Save
How to configure email notifications?
You can configure the cases in which you would like to receive HTML/PDF malware scan report. These can be Every Scan, Only If Malware Detected or Never.

  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page click Edit Configuration button to access Monitoring Parameters
  4. Select the desired value in the Notification policy options menu and click Save
The additional recipient of the website malware scan reports can be defined in Notification email field.
Managing Whitelist
URLs added to the Whitelist are assigned Clean status automatically and will not be scanned.

To add URL to the Whitelist:
  1. In the Control Panel of your dashboard click Add URL to Whitelist
  2. In the Whitelist a URL section enter the URL name in the input panel and click Whitelist
To remove files from Whitelist:
  1. In the Control Panel of your dashboard click My Whitelist
  2. In the User Whitelist section find the desired URL and click remove
Which files to add to Whitelist?

If you are not sure whether or not a specific file/URL can be added to the whitelist, just submit malware cleanup request and our team will check it out for you.
How to review the scan report?
Option A
  1. In the Reports menu of your dashboard click Recent ThreatSign! Reports
  2. In the Latest Reports For Monitors section click button next to the desired monitor
Option B
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page click Scan Report button
Scan reports archive:
ThreatSign platform will save last 14 scan reports in PDF format for each monitor that you have in your plan. You can access the reports on the Scanning History view at any time by going to Control Panel / My Monitors and clicking the Review the scanning history button next to the corresponding monitor.
How to enable Web Application Firewall?
To complete the deployment process and configure the website protection please contact our support team. You can contact the support directly from your dashboard UI. Alternatively, you can email support@quttera.com or open a ticket at quttera helpdesk
Note: Current version of the Endpoit WAF supports any web server running PHP. We plan to support other environments in later releases.
How to add an IP to WAF whitelist / blacklist?
  1. In the Firewall (WAF) Settings menu of your dashboard click Add a Custom Rule
  2. Fill in the Add New WAF Rule form and then click Create Rule buton
How to review the list of your custom WAF rules?
  1. In the Firewall (WAF) Settings menu of your dashboard click Custom Rules List
  2. In the List of Rules section review the rules and their parameters
  3. Click id link next to the rule to get more details
How to edit the custom WAF rules?
  1. In the Firewall (WAF) Settings menu of your dashboard click Custom Rules List
  2. In the List of Rules section review the rules and their parameters
  3. Click id link next to the rule to access the WAF Rule [rule-id] view
  4. Use available controls to Edit, Suspend, Delete or Export the rule
How to review WAF protection statistics?
Option A
  1. In the Firewall (WAF) Settings menu of your dashboard click Protection Statistics
  2. In the Show protection statistics dialog select the Monitor from the list and then click the Show Statistics button
Option B
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page expand the Protection drop-down menu (if required) and click WAF Statistics button
How to review the Website Access Log?
Option A
  1. In the Firewall (WAF) Settings menu of your dashboard click Website Access Log
  2. In the Show access log view select the Monitor from the list and then click the Get Log Entries button
Note: to download the access log, please check in the Download as a file checkbox

Option B
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page expand the Protection drop-down menu (if required) and click Access Log button
How to review the blocked attacks and threats?
  1. In the Control Panel of your dashboard click My Monitors
  2. Click the button next to the desired monitor to view the settings
  3. In the Monitoring Parameters page expand the Protection drop-down menu (if required) and click Blocked Attacks button
How to add Website Anti-malware Seal to website?
You can choose between standard and small size(s) of the seal to best fit your site. Note that the certificate is available for the Clean monitors only.
  1. In the Scan Report scroll down to the Anti-Malware Scan Certificate section
  2. Select the desired size of the seal image and copy code to the clipboard
  3. Paste the code on your website page and refresh the browser view to ensure the proper display
How to request malware cleanup and blacklisting removal?
The malware removal process is manual and automated. Every cleanup is handled by a malware analyst whose responsibility is to clean-up all the malicious content from an infected website and make sure there are no leftovers. Once a Website is clean and no malware present, we initiate a blacklist removal. The malware removal process is conducted remotely using FTP/HTTP/SFTP and via SSH if we find that FTP/HTTP/SFTP are not stable enough.
  1. In the Help Center menu of your dashboard click Submit Malware Cleanup Request
  2. Fill in the Malware Cleanup Request form and click Submit button
Also, please add support@quttera.com email address to your "Google Webmaster Tools", if you are using it.Malware analyst will be assigned to your case and will work with you until the resolution.
How to change email, name and other account details?
This information is unique per account owner. Please open a ticket in quttera helpdesk.
How to change user password?
  1. In the My Account drop-down menu select Reset password
  2. Enter a new password in New password and Confirm password input panels and click the Reset button
Contacting support from the dashboard
  1. In the Help Center menu of your dashboard click Submit Support Ticket
  2. Type in your request and click Submit Ticket button
How to upgrade your ThreatSign! account?
To upgrade your ThreatSign! account please send email to support@quttera.com or open a ticket in quttera helpdesk
How to delete your account?
To completely delete your ThreatSign! account please send email to support@quttera.com or open a ticket in quttera helpdesk