Once your site has been approved for monitoring here’s what you need to know:

First, what do you have to do?

Send us an email that includes the URLs on your site(s) that you think should be watched, and the email addresses you'd like us to send alerts to.

Then we’ll set up the monitoring and let you know when it’s active.

We suggest—for external monitoring

Fixed content: If your site static HTML pages, or relatively-stable javascript files, those are the easiest for us to monitor. The javascripts are the most likely targets for hackers, but any defacement of an HTML page would also be picked up.

If your site is PHP or Perl, that’s most likely to be a target - so those are the pages to monitor.

If you have variable content, give us a URL that does not contain advertising or other “feeds” that change irregularly...unless you are pretty sure that these are possible sources of malware, in which case, let us know more about the feeds.

We suggest—for internal monitoring

PHP sites: We have a PHP tripwire script/file that will examine your own PHP files and can detect many hacks. The script puts a light load on your server, and we can adjust the frequency of interrogation to reduce that even further.

Databases: We have a PHP script that will examine your database looking for hacker activity. Let us know if you want such scripts.

Where can we notify you?

We can send your alerts to as many email destinations as you like, including mobile phones, and mobile phone SMS/TXT if your service provider has an email-to-SMS gateway. In the event of an attack on your site, you may receive many alerts, so choose your notification mechanism carefully!

Too many alerts or false positives?

Many webmasters are unaware that their sites go out of service, or become slow, or have web-app problems or gateway problems, until they begin monitoring and see so many alerts. This can open your eyes to underlying problems you might not otherwise see. [why might this happen?]