# Domain management

Domain Management provides comprehensive monitoring of your organization's web properties, ensuring your domains remain secure, properly configured, and free from unauthorized tampering. For Web3 organizations where domain compromise can lead to devastating phishing attacks or fund theft, proactive domain monitoring is essential.

## Monitoring Capabilities

<figure><img src="/files/LsAdi1dKB9AtROsep38i" alt=""><figcaption></figcaption></figure>

### Domain Verification

Add and verify ownership of your domains to enable monitoring:

* Verify domains through DNS TXT records or file upload
* Support for apex domains and subdomains
* Automatic detection of SSL/TLS certificate issues
* Expiration warnings for certificates and domain registrations

### Security Headers Analysis

Automated scanning of HTTP security headers:

**Critical Headers Monitored**:

* Content-Security-Policy (CSP)
* Strict-Transport-Security (HSTS)
* X-Frame-Options (clickjacking protection)
* X-Content-Type-Options (MIME sniffing prevention)
* Referrer-Policy
* Permissions-Policy

**Security Grading**: Each domain receives a security grade (A+ through F) based on header configuration, with detailed recommendations for improvement.

**Compliance Tracking**: Monitor adherence to security best practices and regulatory requirements (PCI-DSS, SOC 2, etc.).

### DNS Health Monitoring

Track DNS configuration and detect anomalies:

* Monitor DNS record changes (A, AAAA, CNAME, MX, TXT)
* Alert on suspicious DNS modifications
* Detect DNS hijacking attempts
* Track nameserver changes
* Monitor DNSSEC configuration

### Content Integrity Monitoring

**Frontend Protection**: Sentry creates cryptographic hashes of your web application content and continuously monitors for unauthorized changes.

**What's Monitored**:

* HTML page content
* JavaScript files
* CSS stylesheets
* Critical static assets
* API endpoint responses

**Change Detection**: When content changes are detected:

* Immediate alerts sent to administrators
* Detailed diff showing what changed
* Option to mark changes as authorized (deployments)
* Historical tracking of all content modifications

**Use Cases**:

* Detect injected malicious scripts
* Identify compromised deployment pipelines
* Catch unauthorized "maintenance" pages
* Monitor for supply chain attacks via CDN compromise

### Domain Health Dashboard

Visual overview of all monitored domains:

* Overall health status (healthy, warnings, critical)
* Last scan timestamp
* Number of security issues detected
* Certificate expiration countdown
* Uptime monitoring
* Response time tracking

## Alert Types

**Critical Alerts**:

* Content hash mismatch (potential compromise)
* DNS records pointing to unauthorized IPs
* SSL/TLS certificate errors or expiration
* Missing critical security headers (CSP, HSTS)
* Domain ownership transfer detected

**Warning Alerts**:

* Security header grade degradation
* Slow response times or intermittent failures
* Certificate expiring within 30 days
* New subdomains detected
* DNS configuration changes

##

## Best Practices

**Verify All Public-Facing Domains**: Don't just monitor your main site - include documentation, marketing pages, testnet deployments, and API endpoints.

**Set Up Trusted Content Baselines**: After each legitimate deployment, acknowledge the content change to establish the new trusted baseline.

**Monitor Subdomains**: Attackers often target forgotten or unused subdomains for subdomain takeover attacks.

**Implement Security Headers Gradually**: Use report-only modes (CSP report-only, etc.) to test configurations before enforcing.

**Regular Audits**: Review your domain list quarterly to remove old domains and add new ones.

{% hint style="warning" %}
**Important**: Content integrity monitoring requires your web application to be accessible from Sentry's monitoring infrastructure. Ensure firewall rules allow connections from Sentry's IP ranges.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sentry.auditware.io/monitoring/domain-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.