Gravityscan Help

What is Gravityscan Accelerator?

Gravityscan provides two kinds of scans. The first is a ‘remote scan’ which connects to your website from the Gravityscan servers and performs a scan. The second kind of scan that Gravityscan provides is a ‘full scan’. A full scan scans your site remotely and in addition to this it also scans your website source code. A full scan requires that you install Gravityscan Accelerator. This page explains what the Accelerator is and why it is needed to perform a full scan.

Some Malware Hides in Source Code

Your website source code is code like PHP, Python, Perl or Ruby that actually produces the HTML that your website visitors see. Your site visitors never see your source code. They only see the finished product which is your website HTML rendered in a web browser.

Gravityscan does a great job of trying to find malware when it scans your site remotely. But sometimes it is impossible to find malware through a remote scan because the malware is hiding in the website source code.

To find malware in website source code, Gravityscan needs a helper application that actually runs on your server. You can think of this helper application as a kind of ‘agent’ that works on the server and that Gravityscan communicates with using the web protocol HTTP. We call this agent the “Gravityscan Accelerator” because it makes scans faster and much more accurate.

The Gravityscan Accelerator is Secure

The Gravityscan Accelerator uses strong cryptographic techniques to ensure that only the Gravityscan servers can communicate with the agent. Our team includes senior security analysts and developers who are well known for their work in website security and vulnerability analysis. They designed the Accelerator to be tamper proof.

The Accelerator uses public/private key signing to ensure that only the Gravity servers are able to access the Accelerator and give it tasks to complete. We have built additional security mechanisms into Accelerator to prevent things like ‘replay’ attacks. Furthermore, the Accelerator can not execute arbitrary code on your system. It is limited to read-only operations on your filesystem to assist with malware and vulnerability scanning tasks.

Accelerator is built to be secure from the ground up. It provides continuous high performance scanning to ensure your site stays hacker free while providing excellent scan performance.

The Accelerator Makes Scans Faster. Much, Much Faster.

The Gravityscan Accelerator significantly accelerates scans. Without the accelerator, we can only perform a remote scan of your website. Malware often hides in URLs that are not part of your normal site navigation. That means that a crawl of your site will not locate that malware.

Gravityscan does a great job of checking URLs that are known malware locations. It also crawls your site to try to find malware URLs. But without being able to view your website source code, Gravityscan must do a lot of guess work to find malware and to determine your site navigation.

By installing the Accelerator, Gravityscan can see all files and directories belonging to your site and it removes the guesswork. This massively accelerates the time it takes to scan your entire site. By installing the Accelerator, Gravityscan can do much more work in far less time.

Installing Gravityscan Accelerator is Easy

To install the Accelerator you need to sign into Gravityscan. Add a new site. Then simply click the ‘Manage Site’ tab when viewing your website.

 

On the left of the “Manage Site” page, click the “Install” button for the Accelerator. You can then download the Accelerator and upload it to your website document root directory. The instructions explain how to verify that the Accelerator is installed and working.

You can then click ‘Verify’ and the Accelerator will become active. Your next scan will be significantly faster and accurate.

Report a Bug