Knowledge Base

After installing 6Scan, another website on my account stopped working. What should I do?

When an administrator configures multiple sites on the same shared hosting account or VPS, the sites’ root directories may be nested. For example, http://www.example.com may be set up with a root of /usr/home/example/www/, and http://es.example.com may be set up with a root of /usr/home/example/www/es/.

In this case, the .htaccess file in the parent directory (www.example.com in this example) will also affect the subdirectory (es.example.com). If 6Scan is installed on the site in the parent directory, its modifications to the parent .htaccess may affect correct operation of the site in the child directory.

To fix the problem, create an .htaccess file in the child site’s root directory (/usr/home/example/www/es/ in this example), which contains the following single line:

RewriteEngine On

This will cause the parent site’s .htaccess to be ignored by the child site, preventing any problems.

How do I cancel my 6Scan subscription?

While we regret losing you as a subscribing customer, we have made it extremely easy for you to cancel any 6Scan subscription. To cancel any active subscription, log into your 6Scan Site Manager and locate the My Licenses section at the bottom of the window. Roll your mouse over an active license and you’ll see a trash can icon appear next to that license. To cancel the subscription and no longer be charged for your paid 6Scan service, click on the trash can icon and follow the instructions in the dialogue box.

Canceling any 6Scan license will automatically cancel future payments and downgrade your site protection to 6Scan Free edition for whichever site that license was attached to. You can continue enjoying monthly scans and manual fix instructions while under the 6Scan Free edition. To stop your site from being scanned by 6Scan altogether, click on the down arrow under the Action column in the 6Scan Site Manager for the site you’d like to remove and click Uninstall.

Once you uninstall a site from the 6Scan Site Manager, the site will no longer be associated with your Site Manager and will no longer receive scans from 6Scan.

Note: If you are using our WordPress Plug-in, you may have to actually uninstall the plug-in from your site in order to remove our service from your website.

I purchased 6Scan, however it doesn’t appear that 6Scan has fixed my site according to their recommended Manual Fix instructions

You may be aware that our service provides free instructions on how to Manually Fix every Vulnerability our scan finds on your website. Our Manual Fix provides you with step-by-step instructions on how to patch your site’s code yourself and fix the vulnerability (or vulnerabilities) found.

Here’s an example of our Manual Fix instructions:

[Screenshot: example Manual Fix instructions]

Note: Our solution does not provide Manual Fix instructions for Malware Removal.

Our Automatic Fix is an automated feature that resolves the Vulnerability(ies) on your site so you don’t have to worry about them. While our Automatic Fix has the same effect as the manual fix, it is typically performed in the form of a Virtual Patch. A Virtual Patch means that instead of modifying the original file(s) on your site, we put in a “hook,” a small bit of code that executes before the vulnerable script. The hook intercepts input that could potentially exploit the vulnerability, and fixes it before calling the original code. Because we don’t modify the original code, however, the virtual patch does not cause problems if you update your site’s code (either manually or through an auto-update system).
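
The hook described above can be pictured with the following sketch. It is an added example, not 6Scan's code: the rule table, script paths and parameter names are hypothetical, and it assumes the file is loaded ahead of the application through PHP's auto_prepend_file directive.

```php
<?php
// Added illustration of the "hook" idea; not 6Scan's code.
// Assumption: PHP loads this file before every script, e.g. through the
// auto_prepend_file directive, so the application files stay untouched.

// Hypothetical rules: script path => [parameter => expected type].
const VPATCH_RULES = [
    '/shop/product.php' => ['product_id' => 'int'],
    '/contact.php'      => ['lang' => 'token'],
];

// Force one input value into the shape the original script expects.
function vpatch_clean($value, string $type)
{
    if (!is_scalar($value)) {
        // An array where a single value is expected is replaced outright.
        return $type === 'int' ? 0 : '';
    }
    $value = (string) $value;
    if ($type === 'int') {
        // Digits only; anything else becomes the harmless default 0.
        return ctype_digit($value) ? (int) $value : 0;
    }
    // 'token': keep letters, digits, '_' and '-', capped at 32 characters.
    return substr(preg_replace('/[^A-Za-z0-9_-]/', '', $value), 0, 32);
}

// Apply the rules for one script to one input array (GET or POST data).
function vpatch_apply(string $script, array $input): array
{
    foreach (VPATCH_RULES[$script] ?? [] as $param => $type) {
        if (array_key_exists($param, $input)) {
            $input[$param] = vpatch_clean($input[$param], $type);
        }
    }
    return $input;
}

if (PHP_SAPI !== 'cli') {
    // Web request: rewrite the superglobals before the original code reads them.
    $script   = $_SERVER['SCRIPT_NAME'] ?? '';
    $_GET     = vpatch_apply($script, $_GET);
    $_POST    = vpatch_apply($script, $_POST);
    $_REQUEST = array_merge($_REQUEST, $_GET, $_POST);
} else {
    // Command line: run the rules against constructed sample input.
    $sample = ['product_id' => '7 OR 1=1', 'page' => '2'];
    var_export(vpatch_apply('/shop/product.php', $sample));
    echo "\n";
}
```

Because the rules live in a separate file, updating or replacing the application script leaves the protection in place, which is the property the paragraph above describes.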

How do I move my license to a new site location?

My site has moved to a new URL. How do I transfer a subscription I purchased for my old site to my new site?

Easy! From your Site Manager, you can simply downgrade your old site and upgrade your new site in its place. Follow these instructions:

Step 1: Click here to access your 6Scan Site Manager.

Step 2: Add your new website by entering its URL in the Website Address box on the top of the page, and clicking Add Website.

Step 3: Find your old website under My Websites. Click the down arrow in its Action column, and select Downgrade. Confirm you want to downgrade the site.

Step 4: Find your new website under My Websites. Click the Upgrade menu in its Account column, and select the license you purchased for your old site.

That’s all! Your new site will now have the same features that your old site previously had. If you no longer require scans on your old site, you can uninstall it from its Action dropdown menu.

Error: There are no HTTP transports available which can complete the requested request.

The error “There are no HTTP transports available which can complete the requested request.” typically occurs when you are attempting to test the 6Scan service on a local website that is not publicly accessible over the internet, i.e. a site hosted on a local machine (127.0.0.1 or localhost).

Since the 6Scan service is a hosted service, our service MUST be able to contact your website over the internet. Once your site is publicly accessible over the internet, you will be able to use the 6Scan service.

Why do I receive many email messages during a scan?

In some cases, while 6Scan is scanning your site for vulnerabilities, you may receive a number of emails that look like they came from a contact form, but with bogus data. This article explains why this could happen and what you can do about it.

If you are receiving email like this, it means your forms have no anti-bot measures in place. This is not recommended: leaving a form unprotected leaves your server (and yourself) open to denial of service attacks, which could cripple your server, cause problems with your ISP/hoster, and depending on configuration could even be used as a launching point for spam attacks.

It is important to be aware that this can be exploited like a vulnerability to cripple a server, therefore such mass mailing entry points should be made more secure. When using forms for sending emails (e.g. registration forms), techniques such as CAPTCHA (http://en.wikipedia.org/wiki/Captcha) should be implemented to validate the input and protect such forms against bots.

6Scan recommends you add some basic protection, such as a CAPTCHA (see http://en.wikipedia.org/wiki/Captcha), to all forms on your website. If you are using a common CMS, such as WordPress or Joomla, a number of free plugins are available to do this for you. If you have a custom-coded site, you will need to contact your web developer for assistance.

As always, if you have any questions, don’t hesitate to reach out to us!

WP e-Commerce Plugin SQL Injection

An SQL Injection vulnerability was found by Miroslav Stampar in the WordPress WP e-Commerce plugin, versions <=3.8.6. We have checked and noticed that newer versions of this plugin still contain this bug, which could be exploited by malicious users to execute remote SQL commands on the WordPress server.

6Scan has decided to add protection against the described vulnerability to our database, ignoring the plugin version. We have chosen to fix this bug in a way that will not interfere with the plugin’s normal operation, even if the bug is fixed in the near future.

Zero-Day exploit

6Scan’s Security Research Team is constantly finding new security threats which are not yet documented and do not yet have a fix. 6Scan’s customers are automatically protected against these threats before a fix is even available — this protection cannot be obtained anywhere else!

To prevent hackers from widely exploiting vulnerabilities found by our Security Research Team, 6Scan does not disclose any information on such vulnerabilities until they have been fixed by the software vendor.

I am seeing an error that is similar to “Could not open handle for fopen…”

WordPress uses the fopen() function to get data from remote servers. 6Scan security requires this to complete the registration and verification process.

If the allow_url_fopen option in php.ini is set to Off, the fopen() function will fail while getting remote data. Because the default value for this option is “On”, this can only happen if an administrator manually changed it. Since PHP version 4.3.4, you can no longer override this value in an .htaccess file, with the ini_set() function, or in a custom .user.ini file; therefore, you must change this value to “On” in the global php.ini (or httpd.conf) file.

If your server is running PHP as CGI/FastCGI, you can add the following lines to php.ini:

[PATH=/path/to/your/blog/directory/wp-content/plugins/6scan-protection]
allow_url_fopen = On

If your server is running PHP as an Apache module, the only currently available solution is to enable the allow_url_fopen option in the global php.ini.

How long does it take to fix vulnerabilities?

Once you give 6Scan access to your website – either by providing FTP credentials or by installing a CMS plugin – 6Scan can connect to your site and patch any security vulnerabilities immediately. The patch typically only takes a few seconds to be applied, after which you will be secured from attack.

How long does it take for a scan to complete?

I have just signed up for 6Scan with a new site, and it is running my scan now. How long will the scan take?

Scanning a website can take anywhere between a few seconds and a few hours. In some extreme cases, it could even take up to 24 hours for the scan to complete! This is because 6Scan needs to analyze every page, form and field on your website while looking for security vulnerabilities. On sites with hundreds or thousands of pages, this could take a very long time.

Please note that 6Scan’s scanner is specifically configured to request pages from your server slowly – 2 requests per second. While this does make the scan take longer, it also ensures that your server does not encounter undue load while the scan is in progress. We want to make sure the scan does not interfere with your website’s legitimate traffic.

How does 6Scan scan a site for vulnerabilities?

6Scan looks for vulnerabilities in the following manner:

6Scan will scan and analyze all pages on your site. We will follow all internal links and forms so that we do not leave out any pages.
6Scan will then search your site for forms and form fields on all the pages analyzed. These may be simple forms, such as search forms or login forms, or more complex forms with many fields, such as signup forms or application forms.
For each form and field, 6Scan will try a series of simulated attacks against your server. These are harmless and will not compromise or exploit your site in any way; they are just designed to find out if the server is vulnerable to a certain attack or not.
If one of the simulated attacks is successful, 6Scan will show you an entry on your dashboard with details on where the vulnerability was found and what type of vulnerability it is.

Proxy/CDN Website Security Services with 6Scan (e.g. CloudFlare, Incapsula)

Users with Proxy/CDN Website Security services installed may encounter problems using 6Scan’s security scanner, due to those services mistakenly blocking 6Scan’s vulnerability scans.

To allow 6Scan to find and fix vulnerabilities on your site, you’ll need to add the following 6Scan IP addresses to your service’s list of trusted IPs:

Can I use 6Scan to migrate a web site to a new server?

Yes, however only with our plug-in for WordPress! If you are using 6Scan’s WordPress Plug-in, you can use our database and file backups to install a copy of your website on a new server. How you will do this depends very much upon the tools your hosting provider gives you, but in general, the steps you will need to follow are:

Download the latest file and database backups from your old server.
Upload the file backup to your new server and extract it into the web root (this is usually easy to do with the hosting provider’s file management tool).
Create a new database on the new server and import the database backup into it (many hosting providers provide the phpMyAdmin tool which will allow you to do this in just a few clicks).
We recommend you use the same database name and credentials that you used on the old server. If you do decide to change them on the new server, you will need to use your file manager to edit wp-config.php in the web root and enter them.
These steps should only take a few minutes, and will result in the exact same site operational on a new server.

DNS Warning while configuring FTP Settings in 6Scan Dashboard

If you received a DNS Warning message while trying to configure FTP Settings for your website within the 6Scan Dashboard, it means that the 6Scan servers have experienced some issues trying to resolve the IP information of your webserver and are having difficulty in trying to connect to it.

For those that ARE familiar with DNS, you probably do not need any additional information regarding these errors.

For those that are NOT familiar with DNS, here’s a brief explanation for you. The Domain Name Service (DNS) is a very important and essential part of the internet that is responsible for translating an easy to remember website name (like www.google.com) into an IP Address (74.125.239.19) which is required to communicate over the Internet. Without DNS, trying to communicate over the Internet would be practically impossible.

While you configure FTP credentials in 6Scan, we go through some verification steps that allow us to confirm that we are connecting to the correct webserver before we actually connect and complete the configuration of our 6Scan Agent. You have received this warning because, while trying to translate the URL of your Website and/or FTP server, our DNS lookups either failed or showed inconsistent results. This could be caused by the following:

The URL of the FTP server you entered into the 6Scan Dashboard does not translate to the same IP Address of your website. In most cases, this would mean that the website you are trying to protect is actually on a different server.
Resolution: Check to make sure the URL entered is actually the correct address. You can verify this address by checking in your Hosting Control Panel or checking with your Hosting Provider.

DNS changes were made and those changes have not completely propagated or replicated across the internet yet. If this is a new domain, you’ve recently moved your website to a different Hosting Provider, or you’ve just made some changes to DNS records in general, these changes take time to take effect. The amount of time this takes varies depending on how different DNS servers are configured throughout the Internet. Typically, these types of changes should not take longer than 24 hours to take effect across the entire Internet.
Resolution: Time. This is how DNS works, and you’ll just have to wait until your changes are updated across the Internet. Wait a few hours and try again if the FTP configuration fails and you receive this warning.
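
The consistency check described above can be reproduced on your own machine before retrying. This is an added example, not 6Scan's verification code: the function name, host names and addresses are constructed, and it treats any address shared by both names as "same server".

```php
<?php
// Added illustration; not 6Scan's verification code.

/**
 * Compare the addresses of the website host and the FTP host.
 * $resolve takes a host name and returns a list of IPv4 addresses, or
 * false when the lookup fails (the contract of PHP's gethostbynamel()).
 */
function compare_hosts(string $siteHost, string $ftpHost, callable $resolve): array
{
    $failed  = [];
    $answers = [];
    foreach ([$siteHost, $ftpHost] as $host) {
        $ips = $resolve($host);
        if ($ips === false || $ips === []) {
            $failed[] = $host;          // lookup failed or returned nothing
        } else {
            $answers[$host] = $ips;
        }
    }
    if ($failed !== []) {
        return ['status' => 'lookup_failed', 'hosts' => $failed];
    }
    // Assumption: one shared address means both names reach the same server.
    $shared = array_values(array_intersect($answers[$siteHost], $answers[$ftpHost]));
    if ($shared === []) {
        return ['status' => 'mismatch', 'hosts' => $answers];
    }
    return ['status' => 'ok', 'hosts' => $shared];
}

// Constructed DNS answers (documentation address ranges) so the script
// runs offline. For a live check, pass 'gethostbynamel' as the resolver.
$constructed = [
    'www.example.com' => ['192.0.2.10'],
    'ftp.example.com' => ['192.0.2.10'],
    'ftp.example.net' => ['198.51.100.7'],
];
$lookup = function (string $host) use ($constructed) {
    return $constructed[$host] ?? false;
};

foreach (['ftp.example.com', 'ftp.example.net', 'ftp.example.org'] as $ftpHost) {
    $result = compare_hosts('www.example.com', $ftpHost, $lookup);
    echo $ftpHost, ': ', $result['status'], "\n";
}
```

A result that changes when the live check is repeated a few hours later points to DNS propagation; a stable mismatch points to a wrong FTP address.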

For additional assistance or tips related to FTP Settings, please see http://6scanopedia.com/how-to-create-an-ftp-account-for-6scan/.

Error #S302: your email address is already registered on 6Scan.com

6Scan partners with several Web Hosting Providers, through which access to 6Scan services is also provided via the hosting provider control panels. If you have encountered “Error #S302: your email address is already registered on 6Scan.com” while trying to register your site with 6Scan through the cPanel account provided by your web host, it is caused by the specific scenario below.

Cause – Your email address configured in cPanel has already been registered directly with 6Scan prior to attempting to enable the site via your Hosting Provider’s cPanel account.

Resolution – Since you’ve already registered for a 6Scan account directly with the same email address being used by your cPanel account, you will not be able to access 6Scan via cPanel. You will have to access your 6Scan account by going directly to 6Scan.com. There is no degradation in service and all functionality will remain the same, however you will not be able to access your 6Scan Site Manager/Dashboard via cPanel.

If you insist on using cPanel to access 6Scan, one workaround option would be to use a new email address and follow the instructions below:

Login to your existing 6Scan account at 6Scan.com.
Uninstall all existing sites associated with that account.
Login to your cPanel account and change the email address used for cPanel:
Under the Home screen in cPanel, click on “Update Contact Info” under the Preference section.
Enter a NEW email address to be used by cPanel and 6Scan and click Save. You might also want to update this same email address with your hosting company’s billing system.
Now click on the 6Scan link within cPanel, under the Security section, and register your sites by clicking on the “Protect My Site” button next to each relevant site.

How do I add the 6Scan Security Seal to my website?

If you’ve scanned your site with 6Scan and have a Clean or Secure site, you can use our Security Seal to display to your visitors that you take security seriously and that their visits to your site are safe!

It’s quite simple to display the 6Scan Security Seal on your site and we’ll provide some easy instructions that will help you accomplish this on some common platforms.

First off, the status of your website in the 6Scan Dashboard must either be Clean or Secure. If this is the case, start by going to the Settings -> Security Seal tab inside your 6Scan Dashboard.

From here, you’ll need to decide on the size and transparency of how you’d like the seal to display on your website. Once you’ve decided on the size and transparency, simply select and copy the auto-generated code presented just below that section.

Note: You can always go back and change the size and transparency as needed, and new code will be auto-generated. Also note that you can modify the code as needed, e.g. if you’d prefer to have the 6Scan Seal positioned on the left instead of the right side of your website.

Now that you have the code, all that is left for you to do is to add this code to your website. Here’s some guidance on where to place this code in case you are not aware.

For WordPress sites:

Find the main file being used by your Site theme. This is typically in the directory wp-content/themes/<theme_name>/footer.php. You can verify the theme being used by your site by checking in the WordPress backend under Appearance -> Themes.

Note: It’s wise to make a backup copy of any file prior to altering the file.

Once you’ve found the file footer.php for your active theme, open the file and paste the copied code from the 6Scan Dashboard right before the </body> tag. Save your file, and your 6Scan Security Seal should be displayed on your website.

For Joomla sites:

Find the main file being used by your Site template. This is typically in the directory templates/<template_name>/index.php. You can verify the template being used by your site by checking in the Joomla backend under the Template Manager.

Note: It’s wise to make a backup copy of any file prior to altering the file.

Once you’ve found the file index.php for your active template, open the file and paste the copied code from the 6Scan Dashboard right before the </body> tag. Save your file, and your 6Scan Security Seal should be displayed on your website.

If you have further questions, feel free to contact us at support@6scan.com.

How to create an FTP account for 6Scan?

6Scan needs access to your web server in order to fix vulnerabilities, perform local file scans, and remove malware from your website automatically. If you would like to benefit from the full comprehensive set of features offered by 6Scan, you must supply FTP credentials for your website in the 6Scan Dashboard. You can do this by logging into your 6Scan Site Manager, finding the site that you wish to configure, and entering its dashboard. Once in the Dashboard, simply go to the Setting section, and click the FTP tab. You are typically given FTP credentials to your web server when you initially set up. This allows you to upload files to your hosted server. If you are unfamiliar with FTP or do not have these credentials readily available, the easiest way to obtain FTP credentials would be to simply create them.

Here’s a nice video tutorial that will walk you through creating a new FTP account and pointing you to where to find the credentials that will be needed to configure 6Scan.

Remember, the user you create must have access to your entire website. Make sure when you create this new FTP user account, you set the Directory to be “/public_html” or simply “/”.

Once your new FTP user account is created, simply add it into the 6Scan Dashboard. You can either manually enter the directory path of your website during this configuration, or use the AutoDetect option (AutoDetect may take a bit longer for our service to find your website files directory).