The content of servers such as those hosting Internet web-sites, or devices such as routers are often tampered with by hackers or viruses. In some cases, one or more files such as web pages are removed from the server, whereas in other cases, their content is modified. Present systems and methods are available to provide varying levels of protection to server or device content. In one example, the security system produces digital signatures of a web-site's content and once a day checks the files to see if the digital signature matches. If the digital signatures of the files do not match, then the system notifies a designated user such as an administrator that the site has been tampered with. However, the system does not repair or replace the file or files that were tampered with.
In another example, a software product fits between a web server and the Internet. Whenever a web user accesses content on the website under control of the software, the software checks the digital signatures of the pages being accessed to make sure they match with the digital signatures stored as the master for those files. If the digital signatures don't match, then the system displays a notice to the user indicating that the site is down or under repair. This approach ensures that web user does not see any content that was altered, but instead just receives a notification that the site is temporarily unavailable. In both of these scenarios, the problem is not resolved, but rather it is merely identified. A network or web-site administrator still has to deal with the efforts involved in restoring the site to its previous state, either from a backup tape or other similar methods.
The problem with the present systems and methods have created a need for a more robust system and method for maintaining server data integrity and restoring content that was altered. The present invention is directed toward meeting this need.