Frequently asked questions

Hopefully any question you may have will be answered here, however if it isn't or you would like to discuss something please don't hesitate to contact us.

How can I add multiple sites?

Once you have registered and logged in, just go to the "settings" page. At the top right there is a button to add another website to your account.

If I have multiple sites will I get multiple reports?

Yes. Only the website merges both the data. For each website you will have a seperate report generated to pass on to the relevent people if needed.

Can I see an example of the live attack page?

Sure this is how the live attacks come in (click for more details):

- 2013-01-19 00:33:53 - index.php Remote file inclusion N/A
- 2013-01-19 00:33:43 - index.php Remote file inclusion N/A
- 2013-01-18 06:22:52 - index.php Remote file inclusion N/A
- 2012-01-28 12:28:06 - index.php SQL injection N/A

How often are reports sent out?

Reports are sent out monthly. To be more specific, on the 12'th of each month. This is so it coincides with various scheduled tasks we need to perform for site maintenance.

What does this service work with?

Currently this service only supports PHP applications, however it is compatible with all modern webservers. If you run PHP (4 and above) this will work fine.

My site handles 1000's of requests a second will it make my website slow?

One of the methods of including the IDS is a local script which we would recommend for this type of analysis.
As for overhead it should be minimal, the local script will simply match the query's against some preliminary checks.
Only if a suspected attack is detected should there be any slowdown as it will send the data to our server for further analysis.

How can I promote CheckAttacks?

The best way would be with the sharing buttons in the footer, to which ever social network you prefer.
If you would like a button on your website feel free to use this one:

The HTML for this is:
<a href="" target="_blank">
	<img src="">

What if my IDS goes down?

We check every IDS periodically to ensure they are running smoothly, if it goes down you will be notified. However if we discover that you are running an outdated version we will notify you in the monthly report.

How does it work?

Well put simply it's a 4 stage process.
Stage 1. Users browse your website normally unaware that CheckAttacks is performing checks in the background.
Stage 2. If a users behavior matches that of an attacker the details of their activity is sent on to CheckAttacks, the user still unaware that this is happening.
Stage 3. Further analysis is performed on the CheckAttacks server and information is logged into the database.
Stage 4. Results are posted to the CheckAttacks main page for the website owner/administrator to deal with as necessary.


PCI DSS is an abbreviation of the term Payment Card Industry Data Security Standard and is a global security standard set by the PCI Security Standards Council. PCI compliance is a mandatory requirement which applies to all businesses that store, process or transmit cardholder details and is in place to ensure a secure environment is maintained.

Some links that might shed some light on this are:

Hopefully now you will realise that it is a base requirement to be compliant with PCI DSS to have an IDS running on your website (that is what CheckAttacks is)

What happens if I’m not PCI DSS compliant?

If you do not comply with the industry standard then you are liable to incur substantial fines enforced by the card schemes and you could also find yourself being permanently banned from any further card processing.