Sites
To see and manage the site(s) under your account, click Sites on the left menu that appears under the Settings option.
The list shows the following information for each site:
-
Status
- Active
- Inactive
- Error
- Site Name
- Related URL
Note: Only users with the Admin role can edit site details.
How to edit site details
Click on the site to edit; this will open a panel on the right with 2-4 tabs:
- General
- Manage domains
- PCI settings - will only appear for sites with PCI
- Tag code - will only appear for sites with deployed solution
General
- Edit site name by clicking the pencil icon next to the site name as shown below
- Edit logo by clicking on the pencil icon next to the existing logo as shown below, and upload a png, jpeg, gif, or jpg file up to 150 KB.
-
Select environment - to facilitate management via grouping capabilities, such as selecting “All production sites” from the drop-down in the top banner when on the Scripts list page. Furthermore, PCI alerts will only be triggered for production sites.
- Production
- Test
- Development
- Select website category - for classification purposes only.
For site with deployed solution, for Admin users only:
-
Script display threshold
- Low - Show all scripts, including those that appear only occasionally. Best if you want full visibility, including edge cases.
- Medium - Hide less frequent scripts. Ideal for most use cases — balances visibility with noise reduction.
- High - Show only scripts that appear consistently across your site. Recommended if you want to focus on common and potentially impactful activity.
- Source defense engine provides the capability of shutting off all Source Defense activity on your website, including protection and reporting.
⚠ Warning: Turning off the SD engine will leave your website unprotected with no monitoring; ; it should be used in case of emergency only. Ensure this action is necessary and temporary.
- Default behavior for new scripts - upon identifying new scripts, determine whether or not to block them.
NOTE: Selection option to block may impact website’s behavior.
- Source Defense script policy recommendation - set whether or not to automatically accept Source Defense recommended policy, and if so, set time delay from recommendation to applying the policy.
Mange domains
Manage unknown domains sending data with your site's Source Defense tag in this tab.
Domain Statuses
- Unknown Domains: These are domains utilizing your site's Source Defense tag without being listed in your authorized domains. Such domains are flagged as "unknown," and their data is automatically filtered unless action is taken. Detection of these domains triggers in-app alerts, as well as email and webhook notifications if configured.
-
Authorized Domains: Domains explicitly approved to transmit data to Source Defense from your website. Data from these trusted domains is displayed in your Source Defense dashboard.
-
Unauthorized Domains: Domains explicitly prohibited from sending data to Source Defense from your website. When unauthorizing unrecognized domains, it's crucial to investigate the source of the domain using your site's Source Defense tag.
For more details, read the the how-to guide: How do I manage domains?
PCI
This tab appears only for sites with PCI enabled.
- Select configuration for 1st party justification
-
No payment data alert threshold - trigger alert when no payment data was found on any of the payment pages for the past:
- 24 hours
- 48 hours
- 1 week
- Never - to turn this alert off.
- Payment page(s) URLs - enter label and wildcard used to identify each of your payment page(s). See article How do I define my payment pages for PCI? [FAQ].
Tag code
This tab appears only for sites with deployed solutions.
Displays code to copy and paste to the <head> section of every page where Source Defense should be deployed.