WebAgain - Automatic Web Site Protection

WebAgain protects your web site 24/7 and kicks into action to automatically repair the content damage caused by hackers.  When a hacker's handiwork is detected, WebAgain automatically reposts the original content and sends an e-mail notification when unauthorized material is detected. 

  • Automatically detects web site hacks 

  • Automatically reposts your original content

  • Sends e-mail notification when alert you of the repair

  • Archives web site content and stores multiple revisions

  • Scans your web site according to a schedule you define

  • Detects when extra files are being posted to your web server by hackers and removes them

  • Single installation protects multiple web sites and mirrors

  • Protects web sites hosted on any platform:  Unix, Linux, Windows

  • Protects web sites hosted locally or at a third-party location

  • Simultaneously published content to multiple sites for you

      WebAgain wins SC Magazine "Best Buy" award!

What people are saying about WebAgain:

"WebAgain is a very impressive web site anti-defacement utility... a product like WebAgain will be in serious demand..." - SC Magazine

"WebAgain will ensure that your web site is available, reliable and has integrity."
Berni Dwan, SC Info Security Magazine

"WebAgain... is a simple tool that can help companies guard against data and reputation compromise...(and) quickly provide a layer of protection against Web site vandalism..."

"WebAgain is a great idea..."
Network World Fusion

"(WebAgain) helps complete our security circle."
Michael Johnson, Chief Systems Engineer, Salt Lake City Corp.

Don't let hackers change your web site.  Minimize the effects that defacements can have on your customers, suppliers, and shareholders. Protect your web site with WebAgain.

Case Studies:
Salt Lake City Corp.

White Papers:
Why Firewalls Fail to Protect Web Sites (PDF)
Automatic Repair:  A Security Best Practice (PDF)


WebAgain - Download Form

If you are interested in WebAgain, please send an email to:  sales@lockstep.com


WebAgain - System Requirements

WebAgain Server:

  • Operating System:  Windows 2003 / XP / 2000 or Windows NT 4.0 SP3 with Internet Explorer 4.0 (or later)

  • Memory:  128 MB or more

  • Storage Space:  WebAgain consumes 6MB of disk space at installation.

    WebAgain archives your web sites and any revisions that you make to these sites.  Therefore, adequate disk space must be available to hold your web site data files.  We recommend that your WebAgain server have free space in the amount equal to approximately three times the storage space used for your current web site files.  Please note:  you may need more storage space on your WebAgain server if you are protecting multiple web sites or if a site you are protecting grows in size or is frequently changed.

WebAgain Remote Administrator:

  • Operating System:  Windows 2003 / XP / 2000 or Windows NT 4.0 SP3 with Internet Explorer 4.0 (or later)

  • Memory:  64 MB or more

  • Storage Space:   6MB 


WebAgain - FAQs

What types of files does WebAgain protect?
WebAgain can protect any files associated with your web site.  As long as WebAgain has read/write privileges to the area on the web site where these are stored. This includes: HTML, XML, Java, external cascading style sheets, VBScript, Jscript, JavaScript, any graphics formats (GIF, JPG, PNG, etc).

Does WebAgain check for changes in my PERL and CGI scripts?
It can, if your scripts are stored in an area accessible to WebAgain. 

Note, if you publish executable files to WebAgain (.exe, Perl scripts, etc.), WebAgain cannot determine if the file is supposed to be executable or not. Therefore, if you publish your files to a system that does not depend on a filename extension to determine if the file is executable or not (i.e. Unix/Linux), you will have to manually change the attributes on the files.

Can WebAgain just protect a single file?
Yes, if it is the only file in a folder and all the other folders in the site are excluded.

Can WebAgain detect unauthorized additions to my web site?
Yes. WebAgain is able to detect additions to your web site were not sent through WebAgain. WebAgain will remove the unauthorized files and folders from the web site and put them in the Quarantine.

Is WebAgain only for corporate and business web sites, or can I use this on my personal home page? Do I need a registered domain name to use WebAgain?
No, WebAgain works the same with www.mycompany.com as it does with www.myisp.com/~myusername/homepage.html

How does WebAgain know that a page has been altered?
WebAgain offers two (2) different styles of checking:  a fast check and a thorough check.  The fast check is excellent for scanning lots of files very quickly.  The thorough check will check the contents of every file in your web site, looking for differences between the version of the file that is on the web site and the version of the file that is in the Archive.

Can WebAgain detect when unauthorized files have been added to my web site?

Will WebAgain keep hackers out of my web site?
No.  It just changes their work back to your original content within seconds (depending upon the scan time frequency you choose).

Will WebAgain prevent my web site from going down?

Will this protect my web site from “Denial of Service” attacks?
No.  Denial of Service attacks consist of large quantities of data being directed at your web server, not any content or structural changes being made to your web site.

Does the scanning process of WebAgain affect my page counters and Web trend reports?
Not if you use FTP because hit counters on UNIX web servers are implemented as CGI scripts which are linked into your web page. The hit counter data file is only updated when the page is read from the web server via HTTP. If you check your site via the FrontPage Server Extensions then the hit counters will increase when that page is checked.

Does WebAgain work with FrontPage Extensions?

Does the WebAgain server replace my existing Web server?
No.  WebAgain posts files to your Web server if an unauthorized change is made and monitors the files on your Web server for changes.

Can I install WebAgain on my Web server?  Is it recommended?
Yes, however this is not recommended since all the hacker would have to do is modify the files in the Archive and WebAgain would end up protecting their work and not yours.

How often can I schedule WebAgain to check my web site?
WebAgain can be set to check your web site down to a per minute basis, if desired.  Obviously, the more often your web site is scanned, the more CPU time will be utilized.  The default scan time is set at 15 minutes.

Does the size of my web site restrict how often I can have WebAgain check for changes?

How many mirror sites can be protected with WebAgain?
A single license can protect a single main site and an unlimited number of mirrors of the main site.

How many different web sites can be protected with WebAgain?
WebAgain can protect a virtually unlimited number of web sites.  However, the proper number of  licenses do need to be purchased.

How is WebAgain licensed?
WebAgain requires a license for every web site it protects.  However, one license number covers the web site and all mirror sites that go with it.

  • To have WebAgain protect your public web site and its 3 mirror sites, you need to purchase (1) WebAgain license.
  • To have WebAgain protect your public web site, its 3 mirror sites and your internal web site, you need to purchase (2) WebAgain licenses.

If WebAgain protects more than one web site, can each site be scanned at different intervals?

Does WebAgain make a backup of my web site? 
Yes.  WebAgain can create a Rescue Disk that contains a copy of the current web site. 

If I uninstall WebAgain, will it remove files on my web site? 

Can I import data from my existing site into WebAgain? 
Yes. When you create a site configuration, this option is presented. Note that if you enter multiple mirror sites, WebAgain will import its data from the first one in the list.

Can I change which web site to import data from? 
WebAgain always chooses the first site in the list of mirror sites to imports its data from. Make the site you want to import from, the first site in the list.

Does WebAgain work with UNIX Web servers (Apache, NCSA….)?

What type of security features does WebAgain offer?
1.  Remote administration option may be enabled/disabled.
2.  Remote administration may be allowed or restricted from certain machines.
3.  Ability to publish to WebAgain may be allowed or restricted from certain machines.
4.  If multiple network cards exist on the WebAgain server, you can selectively listen for connections on any one or all of the network cards.
5. Optional password can be enabled to prevent illegal remote access to the WebAgain server..

Will WebAgain's FTP server work as a general purpose anonymous FTP server?
No. Everything that is transferred to the WebAgain FTP server is stored in the Archive and not in a user selectable location.

What notification methods are offered?
When a change has been detected, WebAgain can send a notification via SMTP e-mail, Windows Event Log or SNMP.

Do I have to disable IIS services on my WebAgain Server?
Only if you want to be able to transfer web site files to WebAgain using FrontPage Extensions.

What publishing methods are supported?
WebAgain currently has the ability to receive and publish data using FTP, shared folders and FrontPage Extensions.

Can I publish to just one mirror site, instead of all of them?
No.  Once a version of the web site is published, it will be sent to all mirror sites – keeping all sites “in sync”. The only way around this is to change the web site configuration to remove all the mirror sites except the one you want to publish to. 

Can I re-publish individual files (pages) or do I have to re-publish the whole site?
Re-publishing can only be done on an entire site basis.  However, this does not mean that the whole site will be sent (via FTP, etc.) up to the web site.  WebAgain will compare the new version of the web site against the previous version and send only the files that have changes in them up to the WWW.  This cuts down on file transfer time.  

Do I have to publish using the same method (e.g. FTP) to all my mirror sites?
No. You can "mix and match" among your target sites. You can publish FTP to your UNIX/Linux computers and use FrontPage Extensions or Shared Folder to your Windows NT web server.

Can I publish archived versions of my web site?
Yes.  Just go to the archive section and choose the particular date you want to “roll back” to and press the Re-Publish button in the toolbar.

If I remove a target site from WebAgain, will it remove the files from the target site?

How do I put the newest version of my web site in the WebAgain Archive?
When you publish with WebAgain, a version is automatically stored in the Archive.

How many revisions of a web site can be kept in the Archive?
By default, we do not place a limit on the number of revisions. WebAgain can publish more than one site for you (i.e. an external and an internal web site), and store unlimited versions of each site.  If your web sites are particularly large or you wish to limit the amount of disk space WebAgain uses, you can specify how may versions to store in the Archive.

What happens to the Archive when a limit is reached?
The oldest versions are deleted. 

Oops, I imported too much data from my web site. Can I remove things from the Archive?

What is the Quarantine Area?
WebAgain's Quarantine area is the place where files that have had an unauthorized changes made to them are stored. Files can be saved to removable media for evidence gathering should you decide to pursue a legal response.

Can I save quarantined files to another location (for use later as evidence)?
Yes.  Highlight the name of the quarantined file and press the Save button.  Files, folders, or the entire web site can be saved to external media.

Can I republish files that accidentally end up in the Quarantine?

Can I delete files in the Quarantine?
Yes, files, folders and entire mirror sites can be removed when you no longer want them. Note, this is a permanent operation and there is no "undo" for this.

Why aren't all the graphics being displayed?
When viewing hacked files in the Quarantine, you may not see the associated graphics. WebAgain looks for the graphics in the Quarantine and in the associated website in the Archive. If they do not exist in either of these places, they will not be able to be viewed. This issue should only occur if the web site does not have the Additional File Checking feature enabled because in this mode, files which were added to the web site outside of WebAgain are ignored. If the Additional File Checking feature is enabled, then the additional files are detected will be removed from the web site and placed in the Quarantine at which point they will be able to be viewed.

Is WebAgain a firewall product?

Will WebAgain work with my existing firewall product?
WebAgain does not integrate with any firewall product.  It is assumed that the WebAgain server will reside behind your firewall.

I already have a firewall.  Why do I need WebAgain?
WebAgain is designed to complement your already existing security infrastructure. Firewalls and intrusion detection systems are a good start, but they do not help you clean up if someone does slip by their defenses. WebAgain makes sure your public image on the Web is protected should they try and post false information or deface your site.



Backup for Workgroups




Lockstep Systems, Inc.  *  Scottsdale, AZ 

Support  |  Contact  |   Privacy   |  Legal

Copyright © 1999-2018 Lockstep Systems, Inc.  All Rights Reserved.