Everyday thousands of websites get hacked and malware scripts are attached to their source code in order to execute some action/damage to future users. When visiting malware website your are at risk to get infected and it can steal sensitive information of personal, financial, or business importance that can be used later by the creators of the malware.
By definition Malware is short term for malicious software that is used to discrupt computer operation, gather information or gain access to remote systems. There are variety types of malware such as computer viruses, ransomware, worms, trojan horses, rootkis, keyloggers, spyware, adware and other malicious programs.
So question is, how we can protect our users visiting malware website or submitting a malware website to our systems?
Google Safe Browsing
The answer is in Google and their Google Safe Browsing service that enables applications to check URLs against Google's constantly updated lists of suspected phishing and malware pages.
Using this service we can check if some website is marked as malware and take the necessary actions to protect our users or our systems.
Free Website Malware Check
To see Google Safe Browsing in action just enter any website url below and click 'Check Now', the system will return if the website exists in google malware list and is marked as infected or not.
Integrate Google Safe Browsing Lookup API
Before coding a script for using api first you must apply for API Key. To do that visit below link:
https://developers.google.com/safe-browsing/key_signup
Notice: In order to get API Key you must have Google Account because the API Key is associated with it. If you don't have Google Account create one and then visit the above url.
Now, when you got the API Key you should insert it into below script that will do requests to Google Safe Browsing API.
$httpStatus,
'data' => $data
);
}
/**
* Function for analyzing and paring the
* data received from the Google Safe Browsing Lookup API
*/
function send_response($input) {
if (! empty ( $input )) {
$urlToCheck = urlencode ( $input );
$url = 'https://sb-ssl.google.com/safebrowsing/api/lookup?client=' . CLIENT . '&apikey=' . API_KEY . '&appver=' . APP_VER . '&pver=' . PROTOCOL_VER . '&url=' . $urlToCheck;
$response = get_data ( $url );
if ($response ['status'] == 204) {
return json_encode ( array (
'status' => 204,
'checkedUrl' => $urlToCheck,
'message' => 'The website is not blacklisted and looks safe to use.'
) );
} elseif ($response ['status'] == 200) {
return json_encode ( array (
'status' => 200,
'checkedUrl' => $urlToCheck,
'message' => 'The website is blacklisted as ' . $response ['data'] . '.'
) );
} else {
return json_encode ( array (
'status' => 501,
'checkedUrl' => $urlToCheck,
'message' => 'Something went wrong on the server. Please try again.'
) );
}
} else {
return json_encode ( array (
'status' => 401,
'checkedUrl' => '',
'message' => 'Please enter URL.'
) );
}
;
}
$checkMalware = send_response ( $_POST ['url'] );
$checkMalware = json_decode($checkMalware, true);
$malwareStatus = $checkMalware['status'];
echo $malwareStatus;
?>
From the code you can see that the script sends HTTP GET Request to Google Safe Browsing Lookup API and as response receives JSON string that is analyzed in "send_response" function.
The response returns 4 values for status:
- 204 - The website is not blacklisted and looks safe to use.
- 200 - The website is blacklisted as [more_google_data].
- 501 - Something went wrong on the server. Please try again.
- 401 - Please enter URL.
Other Posts You Might Like