Defacement is one of the famous attack techniques to take down the website and hurt the business.
Thousands of sites getting defaced every day. An interesting statistics show more than 270,000 sites got defaced in 2019.
What is website defacement?
As the word “deface” means, the hacker changes the content, visual appearance of the whole site, homepage, or particular web page. It depends on hacker intention but mostly seen as homepage replaced with their text, logo, and image.
Technically, this is possible when you break the webserver or take the DNS registrar in control. Here are some of the popular websites defaced in the past.
Google Palestine website in 2013
Lenovo website in 2015
Delhi Airport website in 2013
Microsoft Office Blog in 2014
You see, having a monitoring system in place will notify you instantly when the site gets defaced, so reputational and business impact is none or minimal. Let’s take a look at the following solution.
Fluxguard
Receive an alert immediately when your web page pixel, DOM, and content change.
Fluxguard is a cloud-based, capable of rendering all types of the web page including a password-protected dashboard and form actions.
Along with defacement monitoring, Fluxguard can help you with QA automation, synthetic transaction, visual regression, and application performance monitoring.
You can eliminate the manual testing after every change by comparing the screenshots, code, and content of the webpage. The following are an incomplete list of features.
- Automatically monitor newly found links
- Multiple browser and resolution supported
- Not just English but it can monitor Chinese, Korean, Japanese including Emoji
Fluxguard looks promising, and you can get it started in FREE to watch 75 pages. Give a try to see how it works.
SUCURI
SUCURI offer all-in-one website security monitoring, protection, backup along with performance benefits.
Know when your site is having issues immediately. Not just when it is defaced with many other things like below.
- When DNS record gets changed
- Cross-site scripting infection
- When a site gets blacklisted by Google and other search engines
- The site is hijacked/hacked/down
- Conditional redirects
- Hidden malicious code
- Obfuscated JavaScript infections
- SSL certificate changes
- SEO spam
- and many more…
It works with any time of sites, including WordPress, Joomla, Drupal, Magento, Bulletin, phpBB, etc.
IPVTec
IPVTec is a monitoring service online tool which helps you to inform you if your website is defaced.
You can configure to get notified by email, SMS, or both. IPVTec also helps you to alert in the following scenario.
- SSL Certificate expires
- Website not available
- Hijacked
- Blacklist
- Malware detection
Site 24×7
Site 24×7 provides end-to-end monitoring services, and defacement detection is part of “Website Monitoring.”
There is a considerable number of combinations you can configure to get alerted when your website is defaced. Some of them are listed below.
- Check keyword present in the HTTP response
- Do a case-sensitive keyword search
- Monitor from multiple locations
- Notify when a certain percentage of content is changed
- Notify when image size change, image count exceed
- Notify when script size, CSS count exceed
Visualping
It allows you to select the website area you want to monitor and get notified of any changes detected.
It’s more like a visual comparison to trigger alerts on tiny, medium, or significant changes at an interval of daily, hourly, or weekly.
So if you are looking to monitor a specific area of your page, visualping is worth giving a try.
OnWebChange
OnWebChange helps you to select multiple areas within your webpage and notify for any changes detected. Along with a web page, you can also monitor files like PDF, images, videos, plain text, etc.
You have an option to configure the way you want to be notified by email, pushover, teamstinct, or HTTP callback.
WebOrion
WebOrion monitor offers visual change, content & integrity monitoring. You have an option to receive notification by email, SMS, or Webhooks.
WebOrion monitor service is available on Cloud (SaaS), on-premise appliance or virtual appliance.
Versionista
Versionista crawls the entire site to monitor changes and notifies by e-mail or slack. Not just HTML, but Versionista is capable of track changes in PDF, text, and dynamic contents as well.
An alerting email contains a detailed monitoring report to give you complete information about what was changed. Every configured page is archived for detailed tracking. You can compare pages side-by-side.
Monitis
One of the popular cloud-based site monitoring platforms offers blacklist and defacement monitoring.
Monitis checks every 12 hours and notifies any possibilities of a site being defaced or blacklisted.
Wachete
Monitor a particular area or entire site every 24 hours for FREE. And, if you need to increase the frequency, then upgrade to check every hour from $4.90 per month.
Wachete is capable of monitoring password protected page, dynamic page, and integrates well with third-party products.
Wachete got its mobile apps for Android, Windows, and iOS to track the changes and receive push notifications.
Conclusion
I hope the above tools help you to monitor your website for defacement. Most of them offer a FREE trial so I would suggest to try a few and see what works best for you.
Stay Secured!