Performance and security are the lifeblood of an e-commerce website. The moment pages start to slow down, or your customers fear their data may be at risk, is the moment your business starts to fail.
This post is the third in a series exploring the key tools every ecommerce site needs running 24/7.
» See the first post here (User Journeys).
» See the second post here (Real User Monitoring).
Are my customers protected?
Tool: Client-side security with Magecart detection
The best approach to platform security is defence in depth. We advocate a layered approach using multiple tools to ensure cover across a variety of potential security issues.
Good platforms will have their infrastructure up to date with software versions, regular vulnerability scans, and patching.
These are tactics designed to minimise your exposure to data breaches and other malicious attacks.
The new threat
However, with third-party plugins being a common feature of most modern ecommerce sites, the threat is not contained to your own platform – regardless of how secure it might be.
If a third-party is breached this can allow attackers to gain access to your site via its embedded code. If a hacker can execute code on your website, this gives them the potential to access your customers’ data.
The most common place for this to occur is on forms capturing data such as login credentials or payment information. A compromised script can log this information and send it anywhere that the hackers want.
In some circles these attacks are known as “form-jacking” or “web skimming”. The most frequent perpetrators are a loose coalition of hacking groups that some call “Magecart”.
Tracking the data breaches
To identify these breaches you need to track when your site begins sending data to new, unknown sources. With RapidSpike you have two methods for discovering these third-party compromises. The first is using our User Journey software that we covered in part 1 of this series. The second is using Real User Monitoring, which we covered in part 2.
User Journeys can detect – using our synthetic browser monitor – whenever pages visited during the journey send data to new unknown providers.
Using Real User monitoring we can watch specific pages on your site, and alert you when real users on those pages send data to untrusted sources.
Setting up
Once you have monitoring in place with either or both User Journeys and Real User Monitoring, we can then configure security monitoring through RapidSpike’s Magecart Detection.
After you’ve switched on Magecart Detection you’ll need to wait for a short time for data to begin collecting. We will identify hosts (third parties) that are receiving data from your website. You can run through this list and “trust” those hosts you know to be safe. To make this process easier, we have our own whitelist where we have already recorded safe popular plugins.
After identifying and “trusting” the third parties that make up your site, we recommend creating one or more alert rules. This is so you can be notified if anything new appears. This will, of course, happen occasionally as new plugins are added to your site. However, it’s always better to be vigilant in case one is a genuine breach.
