Q

How to protect a website from malware redirects

Malware redirects are a serious hazard in the jungle of infiltration exploits; Nick Lewis explains how they can be avoided.

Not long ago, hackers took over Oracle's MySQL.com and installed a JavaScript code on the site that redirected visitors and attacked their systems with a BlackHole exploit kit. Is there any way to prevent websites from automatically redirecting, aside from (in this case) turning off JavaScript?

Ask the expert!

Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)

There are ways to control JavaScript or block JavaScript redirects on the client side by using browser plug-ins like NoScript. Potentially, a more general browser security tool may be used that might be included in a host intrusion prevention system (HIPS) or antimalware suite to block JavaScript redirects. A Web proxy is another good way to block redirects from a network.

Regardless of these tactics, there are many different redirect methods, that don’t use JavaScript, that can be used by attackers. A Web server can be configured to redirect webpages by issuing a HTTP 3xx redirect command, sending a browser to a different website. There is even an HTML tag for meta-refreshes that could generate a redirect. Many popular websites now perform URL shortening, which is a form of redirection, so you may want to evaluate if blocking redirection is worth the effort given the decrease in functionality.

If a network's endpoints have been hardened from malware attacks, the minimal security risk from redirection should not significantly increase the number of malware infections.

This was first published in April 2012

Dig deeper on Web Server Threats and Countermeasures

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close