website security

Website Security: Web Monitoring Tips for Keeping Your Site Safe

With the constant threat of DDoS, DNS attacks, malware, and data breaches; website security is a top priority for today’s tech teams.

You’ve taken the appropriate measures. Your domain uses HTTP/S, SSL encryption, and is locked up tight. Or is it?

In 2018, Symantec reported over 70 million records were leaked or stolen because of misconfigured S3 buckets. This simple cloud storage configuration mistake created big problems for many companies.

The truth is attacks get more sophisticated everyday. You can never be too careful.

Web monitoring does more than check availability. Did you know you can set up checks to alert you to changes that may indicate an attack?

Here are some of the ways you can use web monitoring services to catch attacks quickly.

Keep an Eye on SSL Certificates

SSL is the standard in data encryption, and although Google has been encouraging SSL adoption for years, (even using it as a ranking factor) some websites were slow to adopt. In July 2018, a Google Chrome update added a “Not Secure” message in the address bar for any website without SSL encryption.

SSL is important because hackers can intercept sensitive data during transmission. Encrypting data such as financial transactions or forms, protects you and your customer’s personally identifiable information from theft. If you sell anything online, then it’s required to have one anyway.

When an SSL handshake fails, users see a warning your site is unsafe. However, an HTTP/S Check won’t catch the problem because the site is technically still available.

SSL Checks inform site administrators of expiry dates well in advance, ensuring this small continuity error doesn’t break the user experience.

SSL isn’t just for websites, either. You can create checks for each of the following protocols to discover communication vulnerabilities throughout your web infrastructure.

Set up a check for each of the following protocols for extra protection:

  • Mail servers (SMTP, IMAP, POP)
  • LDAP
  • XMPP
  • FTP

Stay Off The Dreaded Blacklist

Public and private blacklists collect domain names and IP addresses of suspected spam websites. Inclusion on one of these blacklists can have devastating consequences.

The Uptime.com Domain Blacklist Check compares your site against approximately 100 of the most popular spam blacklists once a day. An alert tells you which list or lists you’ve been added to for further investigation.

Though you can manually request removal, these lists change often and you may just have to wait for removal.

Note: This is different than Google Blacklisting, where your site is blocked by user browsers because of suspected phishing, malware, or unwanted software.

Verify Site Ownership With WHOIS/Domain Expiry Checks

In the wrong hands, WHOIS information is a goldmine for spammers. That’s why major domain registrars give website owners the ability to mask personal information.

Even if your personal information isn’t included in your site’s WHOIS record, changes in your WHOIS information can be an indication of something fishy.

WHOIS/Domain Expiry Checks are an easy way to ensure your site registration information is correct. When there’s a change, you’ll get an alert that provides the new information.

Sometimes, the change is valid. If the information returned is different than expected, check with your domain registrar or host.

Find Malicious Software With Virus/Malware Checks

Symantec states web attacks are up 56% and 10% of URLs are malicious.

Losing organic traffic? Have you checked whether your site is blacklisted by Google? Even if it’s virus-free, Google blacklists sites with unwanted software, or those suspected of phishing. This includes more than just malware.

Uptime.com Malware/Virus Checks compares your site against the Yandex and Google Safe Browsing Lists once a day. An alert tells you when there’s a problem, so you can begin removal immediately.

Get a Heads Up On DNS Record Changes

Unauthorized DNS record changes are often a sign of man-in-the-middle attacks.

Wouldn’t these DNS name changes cause an SSL connection problem?

Usually.

But these particular attacks often go unnoticed because the attacker uses the new DNS information to setup a valid SSL certificate for a compromised site. This keeps browsers from blocking access because the information appears to be valid.

Even if your site isn’t under attack, DNS misconfiguration causes security vulnerabilities and site availability issues.

Create a DNS Check to monitor changes to your DNS records, or check each record individually for extra protection.

If you see a problem with your DNS records, check with your web hosting service before jumping to conclusions. Sometimes changes on their end can cause failures.

Website Security and Monitoring Go Hand-In-Hand

With web attacks on the rise, now’s the perfect time to use your web monitoring software to check for vulnerabilities.

Engage in website security best practices like using strong passwords and regularly changing credentials. Keep software updated and use Multi-Factor Authentication when appropriate.

By continually monitoring your domain, you’ll be notified quickly of issues that could indicate a security breach.

Minute-by-minute Uptime checks.
Start your 21-day free trial with no credit card required at Uptime.com.

Get Started

Don't forget to share this post!

Avatar

Sharon McElwee is Uptime.com's content manager. Her focus is helping the team create great content for Uptime.com users. Sharon lives in Central Virginia, USA and enjoys scrapbooking, building websites and hiking.

Catch up on the rest of your uptime monitoring news