Problem solve Get help with specific problems with your technologies, process and projects.

How to protect a website from malware redirects

Malware redirects are a serious hazard in the jungle of infiltration exploits; Nick Lewis explains how they can be avoided.

Not long ago, hackers took over Oracle's MySQL.com and installed a JavaScript code on the site that redirected...

visitors and attacked their systems with a BlackHole exploit kit. Is there any way to prevent websites from automatically redirecting, aside from (in this case) turning off JavaScript?

Ask the expert!

Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)

There are ways to control JavaScript or block JavaScript redirects on the client side by using browser plug-ins like NoScript. Potentially, a more general browser security tool may be used that might be included in a host intrusion prevention system (HIPS) or antimalware suite to block JavaScript redirects. A Web proxy is another good way to block redirects from a network.

Regardless of these tactics, there are many different redirect methods, that don’t use JavaScript, that can be used by attackers. A Web server can be configured to redirect webpages by issuing a HTTP 3xx redirect command, sending a browser to a different website. There is even an HTML tag for meta-refreshes that could generate a redirect. Many popular websites now perform URL shortening, which is a form of redirection, so you may want to evaluate if blocking redirection is worth the effort given the decrease in functionality.

If a network's endpoints have been hardened from malware attacks, the minimal security risk from redirection should not significantly increase the number of malware infections.

This was last published in April 2012

Dig Deeper on Web Server Threats and Countermeasures