How to leverage the feature "Accepted HTTP Status Codes" to track the activity of a dormant phishing website?
You're responsible for the operation of your financial service website. Of late, you've noticed many phishing websites on the internet trying to trick your customers into entering their login credentials and other crucial information. Due to stern actions at your end, these websites have now been pulled out of operation. Although dormant, you now want to constantly monitor these URLs for their activity. How do you ensure these spoof websites never turn up again and cause any more harm to your business?
By specifying the accepted HTTP Status codes in your Website Monitor, you can easily manipulate your monitor settings and closely watch the activity of these spoof websites. This feature is also available on
the REST API Monitor, SOAP Monitor, Web Page Speed (Browser) monitor. As a first step, log into Site24x7 and create Website monitor
s for individual URLs. It will allow you to track the activity of these URLs.
Since the URLs are inactive, the status of the monitor will be DOWN, by default.
The assumption is that whenever the status of a monitor changes to UP, the URL might have turned active again.
How to check whether the monitor turns active?
In the Add Monitor Configuration form > HTTP configuration settings, specify the HTTP status code(s)/range of status codes, that must be passed as a successful response.
Since the spoof URLs have been inactive in our case, you can pass the HTTP conditions, such as 400:451 or even specify any comma separated error codes.
Once your monitor setup has been completed, you must save the monitor to initiate data collection.
As the expected response is a 4XX client error, the monitor will always be deemed as UP during data collection.
During the monitoring, if you receive start receiving an HTTP 200 code, instead of the 4XX code, then your monitor's status will automatically change DOWN and you will be alerted to the issue.
If you check the log report or outage report of the monitor, you can further drill down and find the actual activity of the URL.
Common HTTP response codes and their definitions
HTTP Error Codes: Error codes will help you identify the reason why your website is reported 'down' by Site24x7. Below table gives a fair idea about different HTTP error codes, corresponding reason and World Wide Web Consortium definitions for each ...
Why is my website response time too high from China?
If your website is hosted outside China and you have chosen China as the location for monitoring, then the website response time will be high. This is because of the Great Firewall policy followed by China wherein, all the data coming from outside ...
How does the Poll Strategy setting work for website monitors?
When configuring thresholds for performance metrics, you can set strategies that the website monitor will use to send alerts during a threshold breach. There are four options available: Poll count Poll average Time duration Average time The default ...
Setting up a website monitor w.r.t content match and HTTP configuration
Regarding the website defacement (content match) configuration, you can set keyword checks to find the existence and non-existence of keywords in your HTML response. As far as the HTTP configurations are concerned, we support HEAD, GET, and POST ...
Possible reasons for website unavailability
Website unavailability is caused due to lot of reasons. Some of the major ones are as follows: When the website is not accessible In cases when the response time of the website crosses 30 seconds If the HTTP Response code is 4XX or 5XX In case of ...