Go to All Forums

Website defacement: how to deal with dynamically-generated image src URIs?

Does anyone have any suggestions about how to handle the false-positive alerts triggered by dynamically-generated 3rd party image src URIs?

A prime example of this is Twitter's (conversion tracking) Universal Website Tag[1]. As of May 2022, the JavaScript which Twitter requires you to include on your website (merely loads Twitter-hosted JavaScript which the website owner has no control over) also generates a request for a 1px tracking image using a URI with a random parameter value and one of a handful of different Twitter FQDNs. For better or worse, Site24x7's Website Defacement faithfully detects this "change" to the image src URI, but unlike Script/Content Modification Threshold monitor settings, no threshold can be configured for image src URIs.

From what I can see, in this situation, the only options available to avoid non-stop false positive alerts (more accurately, an alert that never ends) are the following which either greatly reduce or entirely nullify the value of Defacement monitoring:

  A) disable "Image Defacement" and/or "Link Defacement" (as appropriate) for all monitored pages

  B) don't monitor the pages where the problem occurs

Does anyone else have any ideas about how to handle this situation?

[1] business.twitter.com/en/help/campaign-measurement-and-analytics/conversion-tracking-for-websites.html

Like (1) Reply
Replies (0)