Website Overview, Xcitium SOCaaP Web Security, Web Security

Website Overview

Select the target website from the drop-down at top-left and choose 'Overview'

The overview page shows a summary of blocked threats, the reputation of your sites, and visitor activity on your sites.

Each tile shows important security information from various SOCaaP Web Protection modules.

The tiles also contain shortcuts to more detailed results and threat remediation advice.

Open the overview page

Select the website from the drop-down at top-left of the dashboard

Click the 'Overview' tab

Or click the hamburger button and select 'Overview'

Alternatively, click the icon at the top-left of a domain tile in the dashboard

Tiles are broken down into three categories:

Website Monitoring

Website Protection

Website Backup

Each tile shows data from a different SOCaaP Web Protection module. Threat information is color-coded as follows:

Green - No threats found / The module is running OK. Click the stripe to view a history of actions by the module

Yellow - Action required. For example, activate the firewall or run a vulnerability scan. Click the stripe to activate the module or initiate a scan.

Red - Threats found. Click the stripe to open the module's configuration page. For example, you can start a malware scan or submit a request for Xcitium to remove the malware. See Website Files Security Scans for more details.

Website Monitoring

Shows key information from SOCaaP Web Protection scans. This includes malware scan results, vulnerability scan results, and site reputation checks.

Malware Scan:

The result of the most recent manual or scheduled scan on the website and site files.

Click a stripe to see full malware details and read threat remediation advice.

If no threats are found, the following message is shown on the tile:

You need to upload the SOCaaP Web Protection agent to your site to enable scans on website files. An alert message is shown if not enabled:

Click the stripe to enable the scanner.

Vulnerability Scan

OWASP Vulnerabilities - The number of vulnerabilities on your site that are listed in the Open Web Application Security Project (OWASP). Threats listed in OWASP are serious and should be fixed.

Note - SOCaaP Web Protection automatically blocks any OWASP threats it finds.

Click the stripe to go to the 'Vulnerabilities' page.

Click 'View full report' under OWASP.

Then click on a vulnerability category to view all files affected by that attack type.

The file list page also has instructions to help you fix the vulnerability.

See OWASP Top 10 Vulnerability Scans for more help with this interface.

You can also create web application firewall rules to address the issues.

See Manage Custom Firewall Rules for help to create custom WAF rules.

You can also initiate on-demand OWASP vulnerability scans from the 'Vulnerabilities' page

CMS Vulnerabilities - Number of active risks on your site's content management system (CMS).

The scanner supports the following types of CMS:

WordPress

Joomla

Drupal

ModX

Typo3

Click the stripe to go to the 'Vulnerabilities' page

Click 'View full report' under CMS scan

The risk factors identified in the CMS components are shown as a list under the respective tab

The details also include the version number of the CMS system in which vulnerability is found and the version to be updated to, to mitigate it

See CMS Vulnerability Scans for more help with this interface

You can run on-demand OWASP vulnerability/CMS scans on the site at anytime.

Blacklist Check - The result of the most recent automatic or manual website scan.

Site is blacklisted / Site is not blacklisted - States whether or not your site is listed as harmful on one of the major website blacklists.

Click the stripe to open the website scan page.

See 'Website Scans' for more information.

Website Protection

Shows attacks blocked by web application firewall (WAF) and CDN usage statistics.

Web Application Firewall - Number of incidents detected by the firewall, and the number of attacks prevented. You can configure these items in your web application firewall rules

Click the stripe to configure the WAF policies and create custom firewall rules for the domain

The period covered by the report is shown at the right of the stripe

Attacks Blocked - Number of incidents identified as potential intrusion attempts and blocked

Secure Content Delivery Network

The status of your CDN configuration live data about your CDN usage and the number of times your pages were viewed

The period covered by the report is shown at the right of the stripe

Click the stripe to go to the CDN page of the domain

Note: The CDN statistics are shown only for websites configured to use the CDN service.

You need to add a CNAME to your site's DNS record to use the CDN. This record is auto-generated by SOCaaP Web Protection

Click 'Settings' > 'CDN' > 'Settings' > 'Activation' to view the CNAME record for your site

If you haven't configured the CNAME then no data is shown here

Click to start the configuration process

See View CDN Metrics for more details about CDN statistics.

Website Backup

You can backup your website files and databases to remote servers. The backup tiles shows whether backup is active or inactive and other details. You should have purchased a backup license and configured backup settings. Click here for more information.

Backup - Shows whether backup is active or not.

Last Backup – The most recent backup of website files and database.

Backup Frequency – How often the files are backed up.

Next Backup – Upcoming scheduled backup date and time.

Total Storage Usage – Backup storage size used

Click the stripe to open the backup section.

‘Backup is inactive’ message is shown if:

You have not purchased a backup license

Backup option is disabled

SOCaaP

Version 2.2

English

Website Overview