SOCaaP

Malware Scan: 

The result of the most recent manual or scheduled scan on the website and site files.

• Click a stripe to see full malware details and read threat remediation advice.

• If no threats are found, the following message is shown on the tile:

You need to upload the SOCaaP Web Protection agent to your site to enable scans on website files. An alert message is shown if not enabled:

• Click the stripe to enable the scanner.

Vulnerability Scan

OWASP Vulnerabilities - The number of vulnerabilities on your site that are listed in the Open Web Application Security Project (OWASP). Threats listed in OWASP are serious and should be fixed.

• Note - SOCaaP Web Protection automatically blocks any OWASP threats it finds.

• Click the stripe to go to the 'Vulnerabilities' page.

• Click 'View full report' under OWASP.

• Then click on a vulnerability category to view all files affected by that attack type.

• The file list page also has instructions to help you fix the vulnerability.

• See OWASP Top 10 Vulnerability Scans for more help with this interface.

• You can also create web application firewall rules to address the issues.

• See Manage Custom Firewall Rules for help to create custom WAF rules.

• You can also initiate on-demand OWASP vulnerability scans from the 'Vulnerabilities' page

CMS Vulnerabilities - Number of active risks on your site's content management system (CMS).

• The scanner supports the following types of CMS:

• WordPress

• Joomla

• Drupal

• ModX

• Typo3

• Click the stripe to go to the 'Vulnerabilities' page

• Click 'View full report' under CMS scan

• The risk factors identified in the CMS components are shown as a list under the respective tab

• The details also include the version number of the CMS system in which vulnerability is found and the version to be updated to, to mitigate it

• See CMS Vulnerability Scans for more help with this interface

You can run on-demand OWASP vulnerability/CMS scans on the site at anytime.

Blacklist Check - The result of the most recent automatic or manual website scan.

• Site is blacklisted / Site is not blacklisted - States whether or not your site is listed as harmful on one of the major website blacklists.
  

Click the stripe to open the website scan page.

See 'Website Scans' for more information.

• Web Application Firewall - Number of incidents detected by the firewall, and the number of attacks prevented. You can configure these items in your web application firewall rules

• Click the stripe to configure the WAF policies and create custom firewall rules for the domain

• The period covered by the report is shown at the right of the stripe

• Attacks Blocked - Number of incidents identified as potential intrusion attempts and blocked

Secure Content Delivery Network

• The status of your CDN configuration live data about your CDN usage and the number of times your pages were viewed

• The period covered by the report is shown at the right of the stripe

• Click the stripe to go to the CDN page of the domain

• You need to add a CNAME to your site's DNS record to use the CDN. This record is auto-generated by SOCaaP Web Protection

• Click 'Settings' > 'CDN' > 'Settings' > 'Activation' to view the CNAME record for your site

• If you haven't configured the CNAME then no data is shown here

• Click  to start the configuration process

• See View CDN Metrics for more details about CDN statistics.

Website Backup

You can backup your website files and databases to remote servers. The backup tiles shows whether backup is active or inactive and other details. You should have purchased a backup license and configured backup settings. Click here for more information.