Malware Scanner by CleanTalk

CleanTalk Security Service for Websites

Presence of any malicious code can lead to blocking of your website in the search results or receiving a warning about it in order to protect your visitors from the dangerous content.

The CleanTalk Malware Scanner is a part of the CleanTalk Cloud Security Service. The Malware Scanner is free and you can check your website pages for malicious code, malicious iFrame content, hidden external links. Malicious code can be found not only in the code of public pages, but also in site files. Also, we recommend to scan all your website files with our Security plugin.

What does this app scan?

  1. Scanning for malware - this scan scans web pages and files for potentially malicious code such as viruses, Trojans, or malicious scripts. Scanning for malware Scanning for malware
  2. Scanning in public lists - this check involves scanning public lists, such as blacklists for unwanted activity, to determine if the source IP address is publicly known and blocked. Scanning in public lists Scanning in public dns servers - this check extracts the domain from the URL and queries various DNS providers to detect if the website is being blocked by external DNS filtering services. If a provider returns 0.0.0.0 instead of the actual IP address, it indicates the site is blocked by that provider.

    If the site is available, the DNS filtering check will return the actual IP address of the website.

    $ dig 8.8.8.8 cleantalk.org +short

    135.148.242.107



    If the site is unavailable, the DNS filtering check will return 0.0.0.0

    $ dig 8.8.8.8 cleantalk.org +short

    0.0.0.0

    Scanning in public lists
  3. Check for public access to Git, SVN repositories - during this check, the public availability of SVN and GIT repositories is analyzed to determine if they are accessible and if sensitive data or pieces of software code can be publicly available. Check for public access to Git, SVN repositories
  4. Check for SSL - this check analyzes a website's SSL certificate to determine if it is valid, matches the domain name, and if there are any potential vulnerabilities. Check for SSL
  5. CMS recognize - this check attempts to determine which content management system (CMS) is used on the website, as well as its version and other information. CMS recognize
  6. HTTP response code and server information - this check retrieves data about the server response code and information about the server itself, such as server version, technologies used, etc. HTTP response code and server information