• Use Cases
    • Type
      • EnterpriseHigh traffic websites with advanced functionality, such as booking, browsing or paying.
      • Small/MediumWebsites with low-mid traffic that have one or more key functionalities including checkout, sign-ups or account login.
      • AgenciesAgenciesWeb agencies that help clients build, maintain and improve their websites.
    • Industry
      • eCommerce
      • Travel
      • Gambling
      • Public Sector
    • Team
      • Technical
      • Digital
  • Platform
    • Platform
      • PerformanceRapidSpike’s performance tools help you improve website speed, so you can boost conversions and keep customers coming back.
      • SecurityProtection from web skimming attacks, scan for the latest vulnerabilities, check your external perimeter and more.
      • ReliabilityCustomer complaints can drive away future business. It’s vital you find, fix and prevent any issues fast.
    • Top Features
      • User Journeys
      • Magecart Attack Detection
      • Core Web Vitals Monitoring
      • Uptime
      • Alerting & Integrations
    • Take a guided tourLearn how RapidSpike can support your business today.
  • Customers
  • Learn
    • Learn
      • BlogNews updates and articles about web monitoring.
      • Knowledge BaseDocumentation and other resources for customers.
      • RapidSpike AcademyTraining courses and guided tutorials.
      • About UsWe help make the web faster, safer and easier to use.
      • PressSee what the press are saying about RapidSpike.
    • From The Blog
      • Return On Investment Website Revenue CalculatorReturn On Investment Website Revenue Calculator
      • 3 Website Reliability Metrics Councils Should Be Measuring3 Website Reliability Metrics Councils Should Be Measuring
      • Marketing Campaign Highlight - NEOMMarketing Campaign Highlight: NEOM Organics
      • The World Cup Of WebsitesThe World Cup Of Websites
  • Pricing
  • Log In
  • Get Started
  • Use Cases
    • Type
      • EnterpriseHigh traffic websites with advanced functionality, such as booking, browsing or paying.
      • Small/MediumWebsites with low-mid traffic that have one or more key functionalities including checkout, sign-ups or account login.
      • AgenciesAgenciesWeb agencies that help clients build, maintain and improve their websites.
    • Industry
      • eCommerce
      • Travel
      • Gambling
      • Public Sector
    • Team
      • Technical
      • Digital
  • Platform
    • Platform
      • PerformanceRapidSpike’s performance tools help you improve website speed, so you can boost conversions and keep customers coming back.
      • SecurityProtection from web skimming attacks, scan for the latest vulnerabilities, check your external perimeter and more.
      • ReliabilityCustomer complaints can drive away future business. It’s vital you find, fix and prevent any issues fast.
    • Top Features
      • User Journeys
      • Magecart Attack Detection
      • Core Web Vitals Monitoring
      • Uptime
      • Alerting & Integrations
    • Take a guided tourLearn how RapidSpike can support your business today.
  • Customers
  • Learn
    • Learn
      • BlogNews updates and articles about web monitoring.
      • Knowledge BaseDocumentation and other resources for customers.
      • RapidSpike AcademyTraining courses and guided tutorials.
      • About UsWe help make the web faster, safer and easier to use.
      • PressSee what the press are saying about RapidSpike.
    • From The Blog
      • Return On Investment Website Revenue CalculatorReturn On Investment Website Revenue Calculator
      • 3 Website Reliability Metrics Councils Should Be Measuring3 Website Reliability Metrics Councils Should Be Measuring
      • Marketing Campaign Highlight - NEOMMarketing Campaign Highlight: NEOM Organics
      • The World Cup Of WebsitesThe World Cup Of Websites
  • Pricing
  • Log In
  • Get Started

Back to Knowledgebase

Categories

Account & Billing

Getting Started

Performance Monitoring

Alerts & Notifications

Uptime Monitoring

Security Monitoring

Synthetic User Journey Monitoring

Interpreting Data

Assurance and Search

Sitemap Monitoring

Using RapidSpike to Monitor Security

Keeping your site safe and secure is essential. Malicious hosts, threats and attacks are common with news stories coming to light daily making it essential to monitor security. But on a day to day basis, security is maintaining control over who has access to your site and where you are sending your data. Websites are extremely complex and have many functions. It is common for sites to use many third-party tools, work with external companies and conduct regular internal changes, making it difficult to keep track of everything going on with your site.

All of our tools are here to help you identify potential security issues, for example, our assurance monitors keep an eye on SSL and constant webpage test monitoring can identify load time spikes and third parties. But this method is more reactive and relies on you checking in regularly with your account.

To ensure your site is secure and not sending data to untrusted hosts we offer a few different tools to protect your site:

  • Assurance
  • Attack Detection
  • Vulnerability Scans

As we cover Assurance monitoring in a previous article we will start by looking at attack detection.

Attack Detection

Attack detection is at the core of our security monitoring and works with your user journey monitors and real user monitoring.

Before looking at the main dashboard we will start with the setting screen. If it is your first time using attack detection your monitor currently won’t be collecting any data and this panel lets you choose where you are collecting the data from. Below is a screenshot of the settings dashboard:

Real User Monitoring

Firstly we will look at the Real User Monitoring Attack Detection to monitor security. Once you have enabled RUM within RapidSpike it will begin collecting data (If you are unsure how to do this check out our KnowledgeBase article here). You can specify the pages you would like to protect and easily add, edit or remove pages depending on your needs. Attack Detection gathers all data sent by users when browsing your sites, allowing you to single out potentially malicious hosts.

We highly recommend protecting core functions on your site, in particular, pages with sensitive data such as:

  • Payment Pages
  • Login Pages
  • Forms collecting personal data

If you have a site with a significant amount of daily traffic this will generate a significant amount of data and setting the ‘Real User Request Filter’ allows you to cut through some of that noise. As standard, we recommend the filter to show hosts seen by at least 75% of traffic however you may want to decrease this to get more in-depth information. If our Real User Monitoring encounters a host that meets the threshold you set it will display in the untrusted host’s section and send you an alert (Which we will cover later).

Just below this, you will see a tick box that allows you to auto-trust hosts that we have flagged on our global safe list. This list will include well-known sites that you would expect to interact with your site which are likely to be safe however you can leave this unticked and manually approve each host as it appears.

User Journeys

User Journey can collect a vast amount of data and can be used to check functions, gather performance data and much more. Attack Detection will alert you immediately when we encounter a host on your site within the path you have scripted.

Our user journey best practices suggest that each step equals one page which makes ticking and unticking steps in your attack detection easier to navigate. Similar to our RUM recommendation we would suggest you protect pages with payment data or anything that sends/receives sensitive data. As soon as you have ticked the appropriate sections and updated your settings, the data will be collected as soon as the next test runs. This data will be extremely useful as you monitor security.

Attack Detection Overview Dashboard

The overview dashboard gives you a snapshot of all the data collected as well as highlights things to be investigated.

The bar at the top of the dashboard outlines how many Untrusted Hosts have been detected and the total checks made along with the total hosts that have been seen. If you have RUM and user journeys protected, these numbers will likely be high due to the amount of data being tracked.

The Hosts Seen graph provides a visual representation for when hosts have been detected. When changes are made to your site or there is an increase in traffic you may see spikes in the graph. This data can help identify specific time periods when your site saw an influx of hosts which may need investigating, especially if this is combined with new untrusted hosts.

At the bottom of this dashboard is a separate view of both monitors running and the hosts they have identified. You will see in the screenshot below that ‘Synthetic Browser’ (User Journey) has detected more untrusted hosts compared to the Real User Monitoring.

Untrusted List

Once Attack Detection comes into contact with a host which hasn’t already been trusted or flagged as safe, depending on your rules you should receive an alert. You will find this new host in the ‘Untrusted List’. This list contains all hosts that have not been trusted. It is worth noting that even if we have flagged something as a ‘Known Safe Host’ it still may need to be trusted to be removed from this list.

By going into the details of a host you can see the host URL, the site discovered on, step discovered on (if applicable) and requests made. If you are unsure if a host is safe we highly recommend speaking to someone with security knowledge but do also provide a few links to gather more information:

  • WhoIs
  • OTX
  • VirusTotal

Once you have investigated the host, you can either Trust it, Add a note or send it to the trash.

Trusted List

The trusted list houses all hosts you have identified as trustworthy as well as the date they were trusted. You can also edit hosts within this dashboard to set the attack detection to match the exact host or match to a pattern. You can also trust hosts on specific sites in case you didn’t want something trusted account-wide. To monitor security effectively, keeping this list up to date will ensure you have full visibility over hosts and get the most out of the data.

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT

Start your free 30-day trial today

Start monitoring today, no credit card required. Or chat to our friendly team about your requirements.

Get StartedLet’s Talk

RapidSpike - Global eCommerce Winner 2021
RapidSpike - Northern Digital Awards Winners
RapidSpike - Insider Yorkshires Most Exciting Companies
RapidSpike - UK Dev Awards 2021 Winner
RapidSpike - Prolific North Top Tech 30 To Watch
RapidSpike - Cyber Accelerator Alumni

Copyright © 2023 — All Rights Reserved.

RapidSpike - AWS Well Architected
RapidSpike - AWS Partner Network
  • Solutions
    • Technical
    • Digital
    • eCommerce
    • Travel
    • Gambling
    • Public Sector
    • Enterprise
    • Small/Medium
    • Agencies
    • New Relic
    • Customers
    • Pricing
  • Platform
    • Performance
    • Security
    • Reliability
    • How It Works
    • Insights
    • Alerting & Integrations
    • All Features
    • Synthetic User Journeys
    • Google Lighthouse
    • Core Web Vitals & Performance
    • Page Load
    • Real User Monitoring
    • Vulnerability Scanning
    • Magecart Attack Detection
    • Uptime
    • Assurance & SEO
  • Learn
    • Blog
    • Knowledge Base
    • RapidSpike Academy
    • System Status
    • RapidSpike Roadmap
    • Log In
  • Company
    • About Us
    • Contact
    • Careers
    • Press
    • Privacy Policy
    • Terms & Conditions
    • Vulnerability Disclosure