Sansec Security Monitor
by Threat Research Team
Published in Guides − May 15, 2025
Learn about the global crawler that alerts online merchants to malicious code.
What is the Sansec Security Monitor?
Sansec Security Monitor is a helpful web crawler designed to improve e-commerce security. It has been monitoring about 400 thousand online stores since 2015 on a daily basis, while identifying and alerting merchants to any malicious code present on their sites. This early detection system is crucial for preventing data breaches and safeguarding both merchant and customer information. This service provides a vital tool in the fight against digital skimming (also known as Magecart).
| Version | 1.0 |
| Bot type | Good (Identifies itself, has an official moniker) |
| Category | Security |
| Obeys robots.txt | yes |
| Obeys crawl delay | yes (max 30 sec) |
| User-agent string | Mozilla/5.0 (compatible; Sansec Security Monitor/1.0; +https://sansec.io/monitor) |
| Reverse DNS suffix | sansec.io |
| IP address range | Live list |
How do I receive alerts?
When the Sansec monitor detects malicious or highly suspicious code, it will send an email to the contact listed in /.well-known/security.txt. This file can look like this:
# thanks for reporting any issues!
Contact: mailto:labs@sansec.io
If no contacts are listed, it will send an email to a known address (such as info@yourdomain.com).
Does this replace regular security monitoring?
While the Sansec Security Monitor has a large coverage of malicious code, it cannot inspect code that is running on your server (such as PHP, Ruby, NodeJS). The PCI Security Standards Council also requires to run a server-side malware & vulnerability monitor (see section 5).
Is this a paid service?
No, you will receive alerts free of charge. We do offer a paid backend scan, but you can run a basic server-side scan for free
How do I block monitoring?
Add the following to your robots.txt:
User-agent: Sansec Security Monitor
Disallow: /
Or add a crawl delay between requests:
User-agent: Sansec Security Monitor
Crawl-delay: 5
How do I contact you?
Send us a priority message here or drop us a mail at support@sansec.io, we typically respond within a few hours!
In this article
Realtime store protection?
Try Sansec Shield! No more stressing to install patches on a Friday afternoon. The most advanced WAF for Magento stores gives you peace of mind.
Sansec ShieldScan your store now
for malware & vulnerabilities
eComscan is the most thorough security scanner for Magento, Adobe Commerce, Shopware, WooCommerce and many more.
Learn more
