More recently, the BBC reported on hackers that have managed to install code on the various websites that use visitors’ computers to “mine” cyber-currencies.
The monitor is currently configured through the User Journey configuration screens as it currently runs as a Security Module against a User Journey.
Visiting the Journey Settings you will now see a JS Security tab. The first time you visit this tab you will be presented with the screen below advising you that the monitor is not running:
Both of the scenarios above will cause what is called a false positive, something that appears as a warning but is normal.
We have developed a solution that allows you to baseline your configuration to identify any dynamic files that may need adjusting so as to not produce a lot of false positive warnings or alerts.
Looking at the example below we can see that the file has what looks to be a version number:
Clicking on the Edit button allows you to set the filename to Begin With: rather than an exact match. We can edit the filename to begin with the name before the dynamic element. This will still be matched so a warning will not be generated for the file if anything after the filename changes.
One approach to baselining is to leave the monitor running to see how many warnings it fires and then to look at each warning to ascertain how to prevent the warning from happening by editing the file name and setting a Begins with:
RapidSpike are offering Professional Services to configure this for clients utilising their experience so feel free to get in touch if this is something you are interested in.
By default, you only receive a warning through the User Journey system when a problem is identified. If you would like to receive an email alert, you can browse to the User Journey Rules of the Alert Settings and configure an alert.