The Site Settings area specifies a collection of settings that SiteSpect uses to know how your site operates and how you want to use SiteSpect with it. Specifically, SiteSpect stores information about your site on the following tabs:
This tab displays the name of your site, its configuration type, its status, and the URL used for its preview. The tab also lists the date the site was created and any dates the site was changed.
Specifies the name of the Site.
Specifies what type of Site this is. The types are:
Specifies the status of the Site. Statuses are:
- Implementation: Sites have this Status when they are being set up. The Site is not ready to accept live traffic.
- Live: All of the Site's Domains are ready to accept traffic.
- Partial Live: The Site is in a mixed state. In other words, one or more of the Site's DNS-managed Domains are not Live. (Not available for on-premise because Domain status is only Live.)
- Bypass: Traffic is flowing around SiteSpect and not through it. SiteSpect is not running any tests and is not collecting data. (Not available for on-premise because Domain status is only Live.)
- Offline: The Site is not currently set up for use. It may be archived. Engines return a 400 (bad request). If all Domains are in Bypass, this Site Status is not affected.
Default URL for Preview
Specifies the URL that SiteSpect launches for the Preview function. You can override this on the Campaign page or on the Preview Settings page.
This tab lists your Content Delivery Network (if you have one) and as well as notes about the configuration of your implementation.
The User Tracking tab stores information about all the different fields SiteSpect uses to track your users such as user session, user tracking cookies, reporting, load balancing, and robot detection settings.
This section contains fields that specify details about how SiteSpect defines sessions.
User Session Timeout
Specifies the number of seconds that defines the timeout for a user's individual session (visit). After the user has not viewed any pages (including any non-pass-through content) for this amount of time, SiteSpect determines that the user is no longer actively viewing the website. If the user subsequently clicks on a link after the timeout period has occurred, SiteSpect tracks that as a new visit. The minimum timeout value is 300 seconds. The default value is 1800 seconds (30 minutes).
User Tracking Cookies
This set of cookies tracks information about SiteSpect users.
Enable HTTP Only Attribute for Cookies
The HTTP Only attribute tells SiteSpect to add the HTTP Only flag to all cookies that it sets. If enabled, any attempt to access SiteSpect cookies using client scripting is strictly forbidden. This feature is deselected by default.
Enable Secure Attribute for Cookies
The Secure attribute limits the scope of the cookie to secure channels (secure is defined by the user agent). When a cookie has the Secure attribute, the user agent includes the cookie in an HTTP request only if the request is transmitted over a secure channel. SiteSpect does not set the secure option in cookies for visits to Domains that do not use HTTPS on the front end.
User Cookie Name
Specifies the name of the persistent cookie that SiteSpect looks for when tracking visits over time. This cookie is encoded and compressed; the value is not available to users. The default name is SSID, but you can name it yourself. If you do, make sure the name is unique if you've got multiple sites that share the same top-level domain.
Recent Request Cookie Name
Specifies the name of the cookie that stores the date and time of the user's last page view. SiteSpect updates the last page view date and time value on a specific interval, which can be configured by a System Administrator; not all visits update the value. The last page view is used to determine if a user's session has timed out. This cookie is encoded and compressed; the value is not available to users. You can combine this cookie with the Additional Data Cookie to reduce the number of cookies, however we do not recommend doing so, since it may affect user statistics. To combine these cookies, give both cookies the same name. The default value is SSRT, but you can name it yourself. If you do, make sure the name is unique if you've got multiple sites that share the same top-level domain.
Additional Data Cookie Name
Specifies the name of the cookie that stores additional Campaign data on the user. This cookie includes the Visit Rating value and the Baseline Metric hit data. This cookie is encoded and compressed; the value is not available to users. You can combine this cookie with the Recent Request Cookie to reduce the number of cookies, however we do not recommend doing so, since it may affect user statistics. To combine these cookies, give both the cookies the same name. The default value is SSOD, but you can name it yourself. If you do, make sure the name is unique if you’ve got multiple sites that share the top-level domain.
Preview Cookie Name
Specifies the name of the cookie that stores data required for the SiteSpect Preview feature and the Debug Logging Level. Generally, SiteSpect sets this cookie only for preview sessions; however, if the Logging Level field on the Logging & Performance tab of the Domain is set to Debug then SiteSpect sets this cookie for all requests. You can reduce the number of cookies that SiteSpect sets by setting the Logging Level field below the Debug level. This cookie is encoded and compressed; the value is not available to users. The default value is SSPV, but you can name it yourself. If you do, make sure the name is unique if you've got multiple sites that share the same top-level domain.
Object Preview Cookie Name
Specifies the name of the cookie that stores data about the element you are currently previewing. The default value is __ssp__history__session, but you can name it yourself. If you do, make sure the name is unique if you've got multiple sites that share the same top-level domain.
This set of cookies tracks information useful for SiteSpect reporting.
Status Signaling Cookie Name
Specifies the name of the cookie that provides information about the user to the back end web server. The information reported consists of the SiteSpect Site visited (Site_ID), the user identifier assigned by SiteSpect to the specific user for tracking (User_GUID), number of visits by that user (UserVisitCount) and the assigned Campaigns and Variation Groups (TestCampaign_ID and VariationGroup_ID). Each of these values is an integer and is delimited by dots ".", pipes "|" and colons ":"; the User_GUID is prefixed by a 'G'.
SiteSpect sets the cookie on a user's entry URL, but it is visible only to the back end web server on subsequent requests. The cookie exists for the user's current visit only and is deleted when users close their browsers.
Note that users who are not assigned to a Campaign still receive this cookie, but the Campaign and Variation Group IDs are zero (0).
The structure of the cookie is:
The Campaign and Variation Group ID information is separated from the rest of the values by a pipe symbol ("|"), then the pairs of Campaign ID and associated Variation Group ID are delimited from other pairs by a colon (":"). Campaign ID and Variation Group ID are delimited by a dot (".").
For example, a Site with an ID of 2, User ID of 5462678722387841638, User Visit Count of 4, assigned to three Campaigns with IDs of 1674, 1675 and 1680 with the respective Variation Group IDs of 20576, 20599 and 20873 has the following cookie value:
The Site ID is a numeric value that corresponds to the Site_ID parameter in SiteSpect’s URL. The Campaign ID is a numeric value that corresponds to the TestCampaign_ID visible in the URL while editing a Campaign or in the tooltip when hovering over the Campaign edit button. Similarly, Variation Group ID corresponds to the VariationGroup_ID visible in the URL while editing a Variation Group or the tooltip when hovering over the Variation Group edit button.
To disable the cookie and prevent SiteSpect from setting it in the user’s browser, leave the field blank. The default value is SSSC, but you can name it yourself. If you do, make sure the name is unique if you've got multiple sites that share the same top-level domain.
Ancillary Cookie Name for Capture (optional)
Specifies the name of the cookie that stores values captured from your origin or third-party cookies for use in Campaign reporting data. This is useful if you need to match SiteSpect Campaign data with externally available data. SiteSpect checks for this cookie value on every request until it finds the first instance. SiteSpect does not record changes to the cookie value during the user’s browser session.
Use the Ancillary Cookie Name field to identify the name of your site cookie that contains the value to capture. Use the optional Parsing Formula to extract a specific value from the cookie. If you leave this blank, SiteSpect stores the entire cookie value in the report data. This ancillary value is included in the Data Export report.
Ancillary Cookie Parsing Formula (optional)
Specifies the formula that extracts a specific value from the Ancillary cookie.
Affinity Cookie Settings
Affinity Cookie Name
Specifies the name of the cookie used for load balancing to indicate a user's stickiness towards a particular node or pool. The recommended approach is for SiteSpect to set a unique cookie name/value pair to ensure that the load balancer routes users through SiteSpect on subsequent requests and visits. The Affinity Cookie scheme is defined independently for Campaign and non-Campaign users. The default value is SSLB.
Affinity Cookie Value for Campaign Users
Specifies the value of the Affinity Cookie for users who are assigned to a Campaign.
- Expiration time defined by Campaign: Affinity expires based on settings at the Campaign level (Campaign, Advanced Settings, Assignment Expires After, Visits or Duration).
- Fixed expiration time of: Affinity expires based on a settings specified here.
Affinity Cookie Value for Non-Campaign Users
Specifies the value of the Affinity Cookie for users who are not assigned to a Campaign.
- Expires at end of visit: Affinity expires at the end of the visit (i.e., it’s a session cookie).
- Fixed expiration time of: Affinity expires based on a settings specified here.
Note: Certain SiteSpect user tracking features are affected when the non-Campaign Affinity Cookie value causes a load balancer to route users away from SiteSpect (i.e., while shedding users). Since SiteSpect cannot perform its usual measurements on shed traffic, keep the following in mind:
- Site Variations and QuickChanges do not apply to shed visits.
- SiteSpect does not perform the Automated Robot Detection test for shed visits.
- When SiteSpect sheds traffic, baseline site Metric tracking data can be inaccurate.
- Previous Assignment and Past Baseline Metric Behavior Audiences can also be inaccurate.
When the Affinity Cookie for Non-Campaign Users is used, the default value is 1.
Automatic Robot Detection
Automatic Robot Detection (ARD) defines how SiteSpect determines which requests come from robots. It provides very accurate detection of robots, crawlers, and other User-Agents that do not explicitly identify themselves as such. These are often referred to as cloaked robots since they masquerade as Internet Explorer or Firefox browsers and thus are not filtered by SiteSpect's explicit Pass-Through settings. Enabling this feature improves the accuracy of your Campaigns because it excludes data from these non-human User-Agents.
Robot Detection Location
There are four options for determining where on the page the ARD code should go:
- Prepend to top of page: Accurately filters robots while still capturing even those users who quickly enter/exit a site (i.e., a bounce). The test code is inserted just after the opening of the <head> tag where available or otherwise, at the top of the page.
- Append to bottom of page: Accurately filters robots and most rapid bounces where a human user visits a site, views only one page, then quickly presses the back button to return to the referring page (typically a search engine). You may want to use this setting if you do not want rapid bounces counted in your Campaign data. The test code is inserted just before the end of the </body> tag where available or otherwise, at the end of the page. This is the default setting.
- Append to absolute bottom of page: Similar to the prior option, but attempts to append the test code only to the end of the page. This option is recommended only for sites where the prior two options are problematic.
- Off: ARD is disabled; only those robots that are explicitly filtered by pass-through settings or HTTP Request Exclusions are caught.
Robot Detection Method
When you choose any of the Robot Detection Locations other than Off, you can also select the method for injecting SiteSpect's ARD code onto the page:
- new Image(): A non-blocking method for injecting code onto the page using a new HTMLImageElement instance. While it does not block drawing the page or subsequent HTTP requests, it can block/delay the load event on the window.
- document.write(): We do not recommend this choice, since it is a blocking injection and will be soon deprecated.
Communication & Pass-Through
The Communication & Pass-Through tab stores information about the different fields SiteSpect uses to specify settings for pass-through, communication, content, and a whitelist for the Visual Editor.
Pass-Through Content Types (case-insensitive)
Specifies certain types of content that SiteSpect should ignore, which helps streamline performance. Specify one regular expression per line. The default pass-through content types commonly do not require Metric tracking or cannot be changed using a Variation because they are not a text type.
In some cases, you may not want to pass-through certain content. For example, if you want to have a Metric detect downloads of a streaming video, remove "video/" from the pass-through list.
Use the following format to define which file types append an expires header as well as the time frame. Each MIME type you want to add this header to should be specified along with the time frame.
All images such as GIF, JPEG, etc
text/css : "30 days"
CSS Style Sheets
SiteSpect supports the standard MIME types and day, week, month, and year time frames.
Pass-Through IP Ranges (left-anchored)
Specifies specific IP addresses or a range of IP addresses whose browser/client requests you want SiteSpect to ignore. Specify one regular expression or IP address range per line.
For example, the following ignores a single IP address:
The following is an example of ignoring a block of IP addresses that starts with "192.168.0.":
The following is an example of an IP address range that includes all individual addresses within the 192.168.0.1/255.255.255.0 and 192.168.1.1/255.255.255.0 C-class subnets:
64\.14\.3\.196 # ScanAlert California, US
22.214.171.124-126.96.36.199 # ScanAlert California, US
188.8.131.52-184.108.40.206 # ScanAlert California, US
#220.127.116.11-18.104.22.168 # ScanAlert London, UK
#22.214.171.124-126.96.36.199 # ScanAlert Amsterdam, NL
#188.8.131.52-184.108.40.206 # ScanAlert Tokyo, JP
#161\.69\.197\.110 # ScanAlert Tokyo, JP
#220.127.116.11-18.104.22.168 # ScanAlert Hong Kong, HK
22.214.171.124-126.96.36.199 # ScanAlert Georgia, US
188.8.131.52-184.108.40.206 # ScanAlert Georgia, US
220.127.116.11-18.104.22.168 # ScanAlert California, US
22.214.171.124-126.96.36.199 # ScanAlert London, UK
Pass-Through User Agents (case-insensitive)
Specifies partial and/or complete strings of HTTP User-Agents (HTTP request header "User-Agent") that SiteSpect should ignore. The default list includes common stems of known robot user agents. Specify one regular expression per line.
SiteSpect performs case-insensitive comparisons when matching User-Agent patterns. Values in the list that are prefixed by # or // are considered comments and ignored during processing.
Google Web Preview
Pass-Through HTTP Response Status Codes (left-anchored)
Specifies HTTP response status codes that SiteSpect should pass-through. If a back end web server generates a response code matching an item in this list, SiteSpect does not apply any Metrics, Variations, Site Variations, or QuickChanges for that content. Specify one regular expression per line. The default list includes the following items:
Partial Content Responses (206)
This Response Code indicates that the server is delivering only part of the resource due to a Range request header sent by the User-Agent. The Range header is used to resume interrupted downloads or to split a download into multiple simultaneous streams.
This response may be caused by pageviews from a PDF document. The first web request for a PDF document results in a 200 status code. For subsequent pageviews of the same PDF document, the Adobe Acrobat reader (versions 5.0 and above) makes requests to the web server and produces a status of 206 (HTTP/1.1 compliant web servers).
Remove the 206 Response Code from the Pass-Through list if you want Metrics to be able to track partial content responses such as subsequent pageviews from within a PDF document. If the partial content response is not passed through, Variations may not work when the Search Text fails. In this case, adjust the Triggers to apply only when the entire Search Text is found in the body text.
Not Modified Responses (304)
This Response Code is used for cache validation, telling the User-Agent that cached content has not been modified on the server. This indicates that the cached version is still fresh and there is no need to redownload the data.
Removing not modified responses from the Pass-Through list allows SiteSpect to track Metrics even for cached content. In general, the only time you need to remove "304" from this list is to enable Metric tracking for cacheable static binary content such as GIF's, JPEG's, etc. In these cases, SiteSpect adjusts content cacheability status so that browsers are still required to revalidate cached copies on each request. If the not modified response is not passed through, Variations may be disabled when the Search Text fails. In this case, adjust the Triggers to apply only when the entire Search Text is found in the body text.
Client Error Responses (4)
These Response Codes (4xx) indicate client errors returned by the back end web server when the browser request could not be fulfilled because a page could not be found ("404"), access was forbidden ("403"), etc. Edit this item if you want Metrics to track error pages or if you want Variations to modify the error message content (HTML) presented by your web server to visitors.
Server Error Responses (5)
These Response Codes (5xx) indicate server errors returned by the back end web server for internal server errors ("500"), unavailable service ("503)", etc. Remove this item if you want Metrics to track error pages or if you want to modify the error message content (HTML) presented by your web server to visitors.
Pass-Through Paths and URLs (case-insensitive)
Specifies URL paths that you want to be ignored by SiteSpect. These patterns match on the path and query portions of the request URL and not the protocol, hostname, or fragment portions. Specify one regular expression per line.
Pass-Through Request Headers (case-insensitive)
Specifies HTTP request headers that you want SiteSpect to ignore. These patterns match on the HTTP Head portion of the request. Specify one regular expression per line. The defaults are:
SiteSpect uses this pattern to better recognize robot requests and requests from visitors who should be ignored. SiteSpect inspects the User-Agent header sent in the request to ensure it meets certain minimum requirements. First, the length of the User-Agent string must be more than 30 characters long and second, it must contain at least one forward slash ("/"). If either of these conditions is false, SiteSpect passes through the request. Customize the pattern to configure minimum User-Agent length and characters for your Site.
Header Name Exclusions
SiteSpect uses this pattern to better recognize robot requests that should be ignored. SiteSpect checks for non-standard HTTP headers that are only used by known robots. When any of these headers is found, SiteSpect passes through the request.
Occasionally, it is useful to pass-through requests from visitors based on cookies. SiteSpect suggests customizing and adding to the field these patterns for specific use cases on the Site:
Visitors With a Do Not Track Cookie
This pattern passes through any request by a visitor with a cookie name or value containing the keyword "NOTRACK". Customize this pattern for the cookie name or value used by visitors to opt-out of tracking and testing.
Users Without a Tracking Opt-In Cookie
This pattern passes through any request by a visitor that lacks the tracking opt-in cookie "TrackPref=OK". Customize this pattern for the cookie name and value used to indicate tracking and testing preference for the Site.
Do Not Track Header
Do Not Track is an HTTP header-based mechanism that allows visitors to express preferences about third-party web tracking. With this pattern enabled, SiteSpect does not test any visitor who has opted out of third-party tracking.
You can add an ! (exclamation point) to the start of a pass-though header to make it negative.
For example, for users with a Do Not Track Cookie, the regex looks like this:
It means, if there is a cookie called NOTRACK, pass through the traffic.
The reverse looks like this:
It means, pass through all traffic unless you have a cookie called TRACK.
HTTP Request Exclusions
The HTTP Request Exclusion settings use specific information to help SiteSpect know when to exclude a visitor.
In-Site Referrer Check
The HTTP Exclusion called In-Site Referrer Check is an advanced method that SiteSpect uses to better recognize robot requests or requests from visitors who should be ignored. SiteSpect passes through any requests that do not contain identification cookies, yet have an HTTP Referrer header from within the Site. In other words, if it appears that the visitor is not accepting cookies in the first place or has deleted their cookies mid-session, SiteSpect attempts to ignore them for the remainder of their session based on the presence of the current Site in the referring URL. Malicious robots are known to fake in-site HTTP Referrer headers to make detection more difficult. Checked (the default) enables this feature; unchecked disables it.
Back End Network Communication Timeout
This value defines how long SiteSpect waits for the back end web server to respond before timing out. The timeout clock begins when network communications stall; if packets are received before timeout, then the transfer continues and the timeout clock starts over. If a timeout does occur, SiteSpect returns an error message to the visitor based on the Error Message Template. The default value is 60 seconds.
Content Settings allow you to customize error message templates and a default character set.
Error Message Template
Specifies the error message template to display in the event of 502, 503, or 504 HTTP errors. The following is the default message; you can create your own if you prefer.
We're sorry. The link that you clicked on could not be served. We are experiencing a temporary delay due to high volume. Please click RELOAD and try again. We apologize for the inconvenience.
Default Character Set
The Default Character Set determines the character set that SiteSpect uses if no character set is defined on your website. The default is Latin-1.
Specifies domains that are approved for editing in the Visual Editor Editing. Enter one per line. Make sure to write protocol and fully qualified domain name (e.g., http://www.sitespect.com). If you are using a non-standard port, make sure to include it as well.
The Security tab contains settings for authenticating SiteSpect users.
Two-Factor Authentication, also known as 2FA, is a two step verification process that adds an extra layer of security to an application. It requires not only a username and password but also something, such as a piece of information or a token that only you can know. This makes it harder for potential intruders to gain access to your data.
Enable Two-Factor Authentication
Checked, turns on Two-Factor Authentication; unchecked, turns it off.
Remember Users turns on a feature that allows users to have saved devices that don't require Two-Factor Authentication every time. Use the number of days to indicate for how many days users are remembered.
The History tab lists actions performed on your sites by SiteSpect users. Use the Filters area of the page to filter the list by user, types of actions or notes, and date range.