What is Nimbusec?
Nimbusec is a web security monitoring system that gives a user an overview of website vulnerabilities and potentially dangerous actions on the web server.
What is a homepage fast scan interval?
During a quick scan, Nimbusec checks only the main page with open/public access.
What is a website deep scan?
During this deep scan, Nimbusec checks all pages of the site with open/public access.
What is a server scan?
During server scan Nimbusec analyses files on the server. This allows detection of vulnerabilities as well as problems not visible with open or public access.
What is advanced defacement analysis?
Nimbusec can detect changes on the main page and notifies the user when anomalous changes occur, for example, main page is changed,, page content is replaced with one picture file or text is changed to Arabic etc
What is SSL analysis?
Nimbusec checks the validity period of SSL/TLS certificate on site, its chain and SSL/TLS configuration problems.
How does Nimbusec recognize malicious software?
Nimbusec analyzes files based on known antivirus signatures and behaviour pattterns when source code of files has been changed.
What information does Zone provide Nimbusec with, when the user orders the service through Zone+?
Zone provides Nimbusec the following:
ZoneID contact information
Domain name for monitoring
This information is necessary to compose and transmit scan reports.
Does Nimbusec copy user data to its servers?
No. Nimbusec scans files on the Zone server, only list of files and the hash composed based on these files are copied to the Nimbusec servers. This information is used to detect vulnerabilities and malicious software, as well as for composing the reports.
Find additional information on security policy here: https://nimbusec.com/en/privacy.html
Does Nimbusec work like a firewall?
No. Nimbusec is not an active tool for data monitoring. Unlike a firewall, which scans data in realtime, Nimbusec scans are performed at specific intervals.
Does Nimbusec remove malicious software from the server?
No. Nimbusec works only as a server monitoring system. Malicious software on the website must be removed by website administrator. Also, this service can be ordered either from Zone or Nimbusec.
Can I change the Nimbusec settings?
Yes. When Nimbusec is ordered and activated, you can enter the control panel via Zone+.
How will Nimbusec warn me about security issued and problems found?
By default, Nimbusec sends alerts via email. When “Aggressive” package is chosen, users will be notified via SMS as well. The ZoneID contact information is used when sending notifications. Nimbusec management can be accessed via Zone+.
Where can I see the results and history of Nimbusec scans?
The overview, report and history of scans are available in Nimbusec control panel, which is accessible via Zone+.
What to do if the result is false-positive?
If you are sure that the file detected by the Nimbusec doesn’t contain virus and malicious code, then you can mark it as “False positive”. In order to mark file as false-positive, in Nimbusec management choose “Bulk actions” and “False positive” next to the corresponding file.
When does the server scan take place?
The initial scan is performed within 15 minutes after the application is installed.
Server scans are scheduled according to chosen package as follows:
Basic: Every Sunday at 10
Advanced: Every morning at 8
Aggressive: Every 4 hours (0, 4, 8, 12, 16, 20)
The infected files are removed from the server, but are they still present on the report?
The deleted files will be present in report until the next scan is completed, i.e. scan results will be updated according to selected package. If you need to scan the server before the next scheduled scan, please contact the support at firstname.lastname@example.org.