Website Security Monitoring and Alerting
New vulnerabilities are discovered daily and hacker communities are growing across the web. Exploitable websites are easy to find, and every website is a target. Whether you have been hacked once or plagued with reinfections, we are here to help you respond quickly when you need it most. While we perform the clean up, you can see all of the security monitoring and alerting benefits that are available to you.
Frequent Remote Scans
The key to good scanning is configuring it to operate continuously. This is exactly what we've built for you. Upon logging into your dashboard you are able to add a website quickly to your configuration and set the scanning frequency. The scanner will proceed to crawl your website within minutes of addition. It will navigate the various links on your page and dive deeper as it follows your sitemap. Within your dashboard you'll be able to quickly see and identify the various links scanned. If an issue is identified, you'll be presented with a breakdown of the various issues so that you can take immediate action. Additionally, if anything suspicious is found, we will alert you so that appropriate action can be taken.
Heuristic Server Level Scans
Remote scans are but one piece of a very big puzzle. Because of the nature of remote scans, there are certain things that can never be seen. This is specific to things like Backdoors, Phishing lures, Email scripts, DDoS Scripts, and other similar infections. These types of infections avoid any external impacts to your website visitors. Instead, they focus on abusing your web server resources. Because of this, it's important that you always configure server level scans.
Using FTP/sFTP/SSH credentials, you can activate our server side scanner within your Sucuri dashboard. We are happy to set it up for you as well. This scanner allows us to access the back end of your website. It thoroughly scans your server files and database to identify infections, potentially harmful signatures, code anomalies, and suspicious behavior. Again, similar to the remote scan, if anything seems off, you receive an instant security alert so you can take action.
Being one of the first and most effective security scanners on the market allows us the luxury of establishing some great relationships. Through our relationships we keep tabs on various blacklisting authorities that monitor for malware, SPAM, Phishing lures and various other malware and non-malware related security events. This option is on by default for new accounts.
Our monitoring makes use of various API endpoints, allowing us to keep close tabs on your brand reputation online. It checks for the warning signs of potential blacklisting. Blacklisting can be devastating to a website, from splash pages blocking visitors to warning notes next to search results. Sucuri can get you off the blacklist quickly. You will be alerted immediately when your site is blacklisted by: Google, Norton, AVG, Phish Tank, McAfee SiteAdvisor, SpamHaus, Bidefender, Yandex, Opera, or ESET.
If your WHOIS records change, we are able to notify you. WHOIS is an internet directory providing information about domain ownership. The records are regulated and monitored by the Internet Corporation for Assigned Names and Numbers (ICANN) which is responsible for registration of all domains. This record contains information about the Registrant (the person who owns the domain), the Registrar (the entity that registered the domain), the dates, name-servers, and other important information related to your domain. Many website owners fail to pay much attention to their WHOIS information, but closely monitoring this information can often give you insights into malicious activity.
DNS Change Notifications
The Domain Name System (DNS) is a naming system used by all computers to identify websites. The DNS settings turn a domain name like www.example.com, into an IP address, like 123.45.567.891. The address we type in the browser is translated by DNS into the IP which is what the computers use to communicate. This monitoring option will monitor the IP address and associated DNS information of your domain for any changes. Similar to the WHOIS monitoring, monitoring your DNS settings can be key to quickly identifying when something is wrong. Attackers have been known to redirect legitimate traffic to malicious websites by targeting a website owners' DNS.
SSL Change Notifications
If your website uses a Secure Socket Layer (SSL) certificate, we can let you know if it changes unexpectedly. E-commerce websites often use SSL to transmit over HTTP securely. The SSL certificate is returned to website visitors and often contains your site information and, in some instances, company information. If using an SSL certificate, this option allows you to ensure it doesn't change unexpectedly, which could be very bad for business.
Website Integrity Monitoring
This is hardcore auditing, not enabled by default. This monitoring option creates a snapshot of your website and notifies you any time a change has been made. This option is for those of us who like total control over the integrity of a website (we tip our hats to you). Confirm all changes, including: new posts, new pages, content changes, social media engagement, and threaded discussions. This option is best used with static pages as it can generate a high volume of email notifications.
By default, you will receive an email if our monitoring service finds anything that you need to know about. You can specify additional email addresses, add a mobile phone number to receive SMS alerts, and receive direct messages on Twitter. We integrate with Google Hangouts, Jabber, and other instant messenger clients. You can even get a notification in your RSS feed.