How to Monitor Your Website for Suspicious Activity

You can't respond to a security incident you don't know about. Setting up monitoring for your website means you'll be alerted quickly if something goes wrong - giving you the best chance to contain the damage early.

Monitor Access Logs in cPanel

cPanel records every request to your site in access logs. To view them:

1. Log in to cPanel and go to Metrics › Errors or Raw Access.
2. Look for unusual patterns: high volumes of requests to /wp-login.php, 404 errors for non-existent PHP files, or requests from a single IP in rapid succession.

Set Up Alerts with a Security Plugin

For WordPress sites, Wordfence and Sucuri Security both offer email alerts for:

• Failed and successful login attempts
• New admin user creation
• Plugin and theme changes
• Malware detection
• Firewall blocks

Use Uptime Monitoring

Free services like UptimeRobot check your site every few minutes and alert you by email if it goes down - which can be an early sign of an attack or compromise.

Watch for Google Warnings

Set up Google Search Console for your domain. Google will notify you if your site is flagged for malware or phishing, and you can see what pages it has indexed.

Check Email for Abuse Reports

If your hosting account starts sending spam, dotCanada's systems will flag it. Keep your contact email updated so you receive any abuse notifications promptly. If you receive a suspicious activity alert from us, contact our support team right away.