Skip to main content

How do I manage script policies? [FAQ]

  • Updated

Overview

Scripts running on your website are assigned security policies in order to protect your users and your data from potential risks introduced by third-party scripts. You can manage and change the script policies using the Source Defense Console.

This guide explains how to locate a script and change its policy as needed.

 

How to Change a Script Policy

Log in to the Source Defense Console: 

[https://aa-ui.sourcedefense.com]

 

Access the Scripts List: 

From the left-hand menu, select Scripts.

image (17).png

 

Locate the Script: 

Find the script you wish to manage by searching or browsing the list of scripts associated with your site(s).

image (18).png

Script Details: 

Click on the script name to open its Script Detail Page.

 

Manage the Script Policy: 

  • Open the Manage Panel.
    • If script is NOT “In Policy” AND/OR Behaviors are not Acknowledged, click “Manage” to access the Manage Panel.

      image (19).png

      image-20250428-185752.png
    • If script is “In Policy”, and Behaviors are Acknowledged, you’ll need to expand the Policy Panel and click “Manage” to access the Manage Panel.

Screenshot 2025-05-11 143911.png

  • If required, click the ellipsis ("...") next to the Accept Policy button to open the policy options.
    • Select the appropriate policy based on your security needs:
      • Blocked — Prevents the script from running at all.
      • Isolated — Runs the script in a secure sandbox, preventing access to sensitive content or DOM manipulation.
      • Monitored — Allows the script to run but monitors its behaviors for risk reporting.

      • Redacted — Redacts specific types of sensitive data the script attempts to access:

        • Redact - PCI — Redacts payment information (credit cards, etc.).

        • Redact - PII — Redacts personally identifiable information (name, email, address, etc.).
        • Redact - Credentials — Redacts user credentials (usernames, passwords).
        • Redact - Combinations — (e.g., PCI + PII, PCI + UC, PII + UC, PCI + PII + UC).

NOTE: If a policy is not listed in the console, it is not available for that specific script.

 

Apply the Policy: 

Click Accept Policy to save and apply the selected policy to the script.

 

Verify the Update:

Once saved, the new policy status will be reflected on the Script Detail Page.

 

Important Information

  • Policy changes take effect immediately once applied.
  • Source Defense continues to monitor scripts and notify you of any newly observed behaviors, even if a script is blocked.
  • We recommend validating your website’s key functionality after applying or changing a script policy.

 

Related articles