Sansec Security Monitor
by Threat Research Team
Published in Guides − April 08, 2024
Learn about the global crawler that alerts online merchants to malicious code.
What is the Sansec Security Monitor?
Sansec Security Monitor is a helpful web crawler designed to improve e-commerce security. It has been monitoring about 400 thousand online stores since 2015 on a daily basis, while identifying and alerting merchants to any malicious code present on their sites. This early detection system is crucial for preventing data breaches and safeguarding both merchant and customer information. This service provides a vital tool in the fight against digital skimming (also known as Magecart).
| Version | 1.0 |
| Bot type | Good (Identifies itself, has an official moniker) |
| Category | Security |
| Obeys robots.txt | yes |
| Obeys crawl delay | yes (max 30 sec) |
| User-agent string | Mozilla/5.0 (compatible; Sansec Security Monitor/1.0; +https://sansec.io/monitor) |
| Reverse DNS suffix | sansec.io |
| IP address range | Live list |
How do I receive alerts?
When the Sansec monitor detects malicious or highly suspicious code, it will send an email to the contact listed in /.well-known/security.txt. This file can look like this:
# thanks for reporting any issues!
Contact: mailto:[email protected]
If no contacts are listed, it will send an email to a known address (such as [email protected]).
Does this replace regular security monitoring?
While the Sansec Security Monitor has a large coverage of malicious code, it cannot inspect code that is running on your server (such as PHP, Ruby, NodeJS). The PCI Security Standards Council also requires to run a server-side malware & vulnerability monitor (see section 5).
Is this a paid service?
No, you will receive alerts free of charge. We do offer a paid backend scan, but you can run a basic server-side scan for free
How do I block monitoring?
Add the following to your robots.txt:
User-agent: Sansec Security Monitor
Disallow: /
Or add a crawl delay between requests:
User-agent: Sansec Security Monitor
Crawl-delay: 5
How do I contact you?
Send us a priority message here or drop us a mail at [email protected], we typically respond within a few hours!
In this article
What is Magecart?
Also known as digital skimming, this crime has surged since 2015. Criminals steal card data during online shopping. Who are behind these notorious hacks, how does it work, and how have Magecart attacks evolved over time?
About MagecartScan your store now
for malware & vulnerabilities
eComscan is the most thorough security scanner for Magento, Adobe Commerce, Shopware, WooCommerce and many more.
Learn more
