Malicious code is hidden in the source code of your website and can be difficult to detect without line-by-line analysis. Some malware is activated by the display of a page and may not be detected without behavioral analysis of your code using a browser simulator. When you protect your website with a DigiCert SSL Certificate, we include a free daily malware scanning service for your public web pages. If malware is detected, you will be directed to a list of infected pages and notified of the code causing the problem. Once you have deleted all instances of the code, you can request that your site be rescanned within 24 hours.

The daily website malware scanning service scans the website code located at the hostname used in the SSL certificate, including javascript and iframes. The service completes a static analysis of website code as well as behavioral analysis through a browser simulation to find code that may be activated by display of a page. The service does not scan every web page on your website, but reviews an optimal number of pages to identify malicious activity. It does not scan your network or search for malware on internal desktop computers or scan attachments or internal web pages that require sign-in.

If malware is discovered, you receive an email alert warning you of the malware infection with instructions to access the scan results within your Trust Center account or your DigiCert PKI Platform for SSL console. The Website Security Services tab shows a list of infected pages and the code causing the problem. You or your website administrator can find and delete all instances of the malware and request that your site be rescanned within 24 hours.

The website malware scanning service is activated automatically when your business has been authenticated. There is nothing to download or install for you or your customers. If you decide that you do not want your website protected by a daily website malware scan, simply sign in to the Trust Center or DigiCert PKI Platform for SSL console to deactivate scanning.

Scanning occurs by host name. You may have many servers, each one secured by a unique SSL certificate and all of them providing content to a single hostname. The scan is of the html pages located at the hostname, not the servers themselves. As long as you have one active SSL certificate with the hostname, malware scanning is activated. If you decide that you do not want your website protected by a daily malware scan, simply sign-in to the Trust Center or DigiCert PKI Platform for SSL console to deactivate scanning of the hostname.

Malware scanning may be turned on or off by signing in to your Trust Center account and clicking the Malware tab or signing into your DigiCert PKI Platform for SSL console. Specific pages or sections of your website cannot be targeted.

No. DigiCert's website malware scan is designed to provide additional assurance to business owners and their customers that the site is regularly checked for malicious code. Traditional anti-malware software focuses on the end point: the desktop. Most enterprise scanning solutions are designed to protect employees from downloading or installing malware rather than protecting the company’s website from distributing malware.

Because of the potential damage caused by malware, Google, Yahoo, Bing, and other search engines scan and then blacklist or exclude any site found with malware. If your site is blacklisted, it may be blocked entirely or flagged with a security alert to discourage click through. In addition, anti-virus plug-ins to popular browsers can detect malware and block access to infected sites.

Like most thieves, malware hackers look for easy targets—such as a website where malware will go undetected for as long as possible. Posting the Norton Seal on your website is like posting an alarm security sign in your front window. It shows hackers that your site is scanned daily to detect malware.