Sansec Security Monitor

Sansec

by Threat Research Team

Published in Knowledgebase − February 06, 2024

Learn about the global crawler that alerts online merchants to malicious code.

What is the Sansec Security Monitor?

Sansec Security Monitor is a helpful web crawler designed to improve e-commerce security. Since 2015 it has monitored about 400 thousand online stores on a daily basis, identifying any malicious code present on their sites and alerting merchants to it. This early detection system is crucial for preventing data breaches and safeguarding both merchant and customer information. The service is a vital tool in the fight against digital skimming (also known as Magecart).

Version: 1.0
Bot type: Good (Identifies itself, has an official moniker)
Category: Security
Obeys robots.txt: yes
Obeys crawl delay: yes (max 30 sec)
User-agent string: Mozilla/5.0 (compatible; Sansec Security Monitor/1.0; +https://sansec.io/monitor)
Reverse DNS suffix: sansec.io
IP address range: Live list
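
A user-agent string can be sent by anyone, so a request claiming to be the monitor can be checked against the reverse DNS suffix listed above. The following is an added example, not Sansec's code: it assumes the crawler's hostnames also resolve forward to the same address (the page states only the suffix), and the hostnames and IPs in the sample data are constructed.

```python
import ipaddress
import socket

UA_TOKEN = "Sansec Security Monitor"  # token from the user-agent string above
RDNS_DOMAIN = "sansec.io"             # reverse DNS suffix listed above

def ptr_lookup(ip):
    """Reverse (PTR) lookup; None when the address has no PTR record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def addr_lookup(host):
    """Forward (A/AAAA) lookup; empty set when the name does not resolve."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def classify(ip, user_agent, reverse=ptr_lookup, forward=addr_lookup):
    """Return 'not-claimed', 'verified' or 'unverified' for one request."""
    if UA_TOKEN not in user_agent:
        return "not-claimed"
    host = (reverse(ip) or "").rstrip(".").lower()
    # Match on a label boundary so "evilsansec.io" does not pass.
    if host != RDNS_DOMAIN and not host.endswith("." + RDNS_DOMAIN):
        return "unverified"
    # Whoever controls an address block also controls its PTR records and can
    # point them at any name, so the name must resolve back to the client IP.
    # Assumption: the crawler's hostnames have matching forward records.
    client = ipaddress.ip_address(ip)
    for candidate in forward(host):
        if ipaddress.ip_address(candidate.split("%")[0]) == client:
            return "verified"
    return "unverified"

# Constructed sample data: documentation-range IPs, hypothetical hostnames.
GENUINE_UA = "Mozilla/5.0 (compatible; Sansec Security Monitor/1.0; +https://sansec.io/monitor)"
FAKE_PTR = {"192.0.2.10": "crawler-1.sansec.io",
            "198.51.100.7": "crawler-1.evilsansec.io",
            "203.0.113.5": "crawler-1.sansec.io"}
FAKE_A = {"crawler-1.sansec.io": {"192.0.2.10"}}

def demo():
    """Classify constructed requests with stub resolvers (no network)."""
    requests = [("192.0.2.10", GENUINE_UA), ("198.51.100.7", GENUINE_UA),
                ("203.0.113.5", GENUINE_UA), ("192.0.2.99", GENUINE_UA),
                ("192.0.2.10", "Mozilla/5.0 (X11; Linux x86_64)")]
    return [classify(ip, ua, FAKE_PTR.get, lambda h: FAKE_A.get(h, set()))
            for ip, ua in requests]
```

Called without the stub resolvers, `classify(ip, user_agent)` performs live DNS lookups, so results for real traffic are best cached per IP.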

How do I receive alerts?

When the Sansec monitor detects malicious or highly suspicious code, it will send an email to the contact listed in /.well-known/security.txt. This file can look like this:

# thanks for reporting any issues!
Contact: mailto:[email protected]

If no contacts are listed, it will send an email to a known address (such as [email protected]).

Does this replace regular security monitoring?

While the Sansec Security Monitor has broad coverage of malicious code, it cannot inspect code that is running on your server (such as PHP, Ruby, NodeJS). The PCI Security Standards Council also requires you to run a server-side malware & vulnerability monitor (see section 5).

Is this a paid service?

No, you will receive alerts free of charge. We do offer a paid backend scan, but you can run a basic server-side scan for free.

How do I block monitoring?

Add the following to your robots.txt:

User-agent: Sansec Security Monitor
Disallow: /

Or add a crawl delay between requests:

User-agent: Sansec Security Monitor
Crawl-delay: 5

How do I contact you?

Send us a priority message here or drop us a mail at [email protected]. We typically respond within a few hours!
