An article on sellers.json, its origin, purpose, potential vulnerabilities, example code, protection methods, and recommended security tools.
Introduction to sellers.json
- What is sellers.json?
The sellers.json file is a standardized JSON file format introduced by the Interactive Advertising Bureau (IAB) for online advertising. It’s typically hosted by websites and digital advertising platforms to provide transparency into sellers of ad inventory, detailing who is authorized to sell certain ad space.
- When Was sellers.json First Introduced?
The IAB Tech Lab introduced sellers.json in 2019 as part of a broader effort to combat ad fraud and improve trust within the digital advertising ecosystem. It works alongside the OpenRTB protocol and ads.txt files to create a secure, transparent ad-buying process.
- Purpose of sellers.json in Digital Advertising
sellers.json serves to provide transparency in digital advertising by revealing the entities involved in the ad-selling process. This helps buyers verify who is legitimately authorized to sell or resell ad inventory, reducing the risk of fraud.
- Core Functionality of sellers.json
The file lists details such as the seller’s ID, their role in the supply chain (e.g., direct seller or reseller), and contact information. Buyers use this information to authenticate the source of the ad inventory, ensuring it’s from a trusted seller.
- Why sellers.json Became Essential for Digital Transparency
Ad fraud is a major issue in digital marketing, costing billions annually. sellers.json was developed to enhance transparency, allowing advertisers to confirm they’re purchasing legitimate ad space, thus helping to reduce fraud.
Structure of sellers.json
- Basic Structure of sellers.json
The sellers.json file is written in JSON format and contains entries for each seller, listing their ID, domain, and role. It may look something like this:
{
  "sellers": [
    {
      "seller_id": "12345",
      "name": "Example Publisher",
      "domain": "example.com",
      "seller_type": "PUBLISHER",
      "is_confidential": 0
    },
    {
      "seller_id": "67890",
      "name": "AdNetworkX",
      "domain": "adnetworkx.com",
      "seller_type": "INTERMEDIARY",
      "is_confidential": 1
    }
  ]
}
- Key Fields in sellers.json
- seller_id: Unique identifier for the seller.
- name: Name of the seller.
- domain: Domain associated with the seller.
- seller_type: Specifies if the seller is a direct publisher or intermediary.
- is_confidential: Indicates if the seller’s identity is confidential.
- Required vs. Optional Fields
While some fields are mandatory (e.g., seller_id, seller_type), others, like is_confidential, may be optional depending on the specific requirements of the advertising platform.
Why Hackers Target sellers.json
- The Appeal of sellers.json to Cybercriminals
Although sellers.json is primarily informational, hackers can exploit it to deceive advertisers or insert malicious entries. This may allow them to profit from fraudulent ad revenue or redirect traffic.
- Common Attacks on sellers.json
- Data Manipulation: Attackers may try to alter sellers.json to include unauthorized sellers, diverting revenue.
- Misrepresentation: Hackers may insert their own domains as authorized sellers, creating opportunities for ad fraud.
- Malware Injection: In some cases, attackers may attempt to inject malicious URLs to redirect traffic or infect devices.
- Impact of Compromised sellers.json on Ad Networks
If sellers.json is tampered with, advertisers may pay for low-quality or fraudulent ad placements, damaging trust in the platform and reducing ad effectiveness.
Example of a Typical sellers.json File
- A Standard Example of sellers.json for Transparency
Below is an example of a sellers.json file from a hypothetical advertising platform:
{
  "sellers": [
    {
      "seller_id": "pub-000123456789",
      "name": "Example Publisher Inc.",
      "domain": "examplepublisher.com",
      "seller_type": "PUBLISHER",
      "is_confidential": 0
    },
    {
      "seller_id": "adnet-0987654321",
      "name": "Example Ad Network",
      "domain": "adnetworkexample.com",
      "seller_type": "INTERMEDIARY",
      "is_confidential": 1
    }
  ]
}
- What Each Entry Represents
Each entry in sellers.json provides crucial information about who is selling or reselling ad inventory. This transparency helps build trust between advertisers and publishers.
- Why Accurate Representation in sellers.json is Essential
Correctly listing sellers ensures advertisers know who they are buying from. Misrepresentation could lead to legal implications, as advertisers rely on this file to make purchasing decisions.
Indicators of a Compromised sellers.json
- Signs of Malicious Modification in sellers.json
- Unrecognized seller IDs or domains that don’t align with legitimate entities.
- Suspicious changes in seller details or roles.
- Unexpected redirects from ad placements.
- Unusual Changes to JSON Structure
If the JSON structure has anomalies (e.g., unrecognized fields), it could indicate unauthorized modifications. Malformed JSON can also break functionality.
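The seller-level signs listed above (unrecognized IDs or domains, changed details or roles) can be checked by comparing a fetched copy against a trusted baseline. This is an added example, not code from the original article; the baseline and fetched documents are constructed samples, and diff_sellers is a hypothetical helper name.

```python
import json

# Constructed sample data: a trusted baseline and a later fetch of the same file.
BASELINE = json.loads("""{"sellers": [
  {"seller_id": "12345", "name": "Example Publisher", "domain": "example.com",
   "seller_type": "PUBLISHER", "is_confidential": 0},
  {"seller_id": "67890", "name": "AdNetworkX", "domain": "adnetworkx.com",
   "seller_type": "INTERMEDIARY", "is_confidential": 1}]}""")
FETCHED = json.loads("""{"sellers": [
  {"seller_id": "12345", "name": "Example Publisher", "domain": "example.com",
   "seller_type": "PUBLISHER", "is_confidential": 0},
  {"seller_id": "67890", "name": "AdNetworkX", "domain": "adnetworkx.example",
   "seller_type": "PUBLISHER", "is_confidential": 1},
  {"seller_id": "99999", "name": "Unknown Seller", "domain": "unknown.example",
   "seller_type": "PUBLISHER", "is_confidential": 0}]}""")

# Fields whose change should be reviewed by a person before it is accepted.
WATCHED = ("name", "domain", "seller_type", "is_confidential")


def index(doc):
    """Map seller_id -> entry so entries are compared by ID, not by position."""
    return {str(s.get("seller_id")): s for s in doc.get("sellers", [])}


def diff_sellers(baseline, current):
    """Return sorted (kind, seller_id, detail) findings for review."""
    old, new = index(baseline), index(current)
    findings = []
    for sid in new.keys() - old.keys():      # IDs that were never approved
        findings.append(("added", sid, new[sid].get("domain")))
    for sid in old.keys() - new.keys():      # approved IDs that disappeared
        findings.append(("removed", sid, old[sid].get("domain")))
    for sid in old.keys() & new.keys():      # same ID, different details
        for field in WATCHED:
            before, after = old[sid].get(field), new[sid].get(field)
            if before != after:
                findings.append(("changed", sid, f"{field}: {before!r} -> {after!r}"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, sid, detail in diff_sellers(BASELINE, FETCHED):
        print(f"{kind:8} seller_id={sid} {detail}")
```

An empty result means the fetched copy matches the baseline on every watched field; any finding should be traced to an approved change before the baseline is updated.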
How to Protect sellers.json
- Regularly Monitor sellers.json
Frequently review sellers.json to ensure that no unauthorized changes have occurred. Monitoring tools or scripts can alert you to unexpected modifications.
- Set Strict File Permissions
Limit access to sellers.json by setting strict file permissions (e.g., 644 or 640), ensuring only authorized personnel or processes can edit it.
- Limit Access to the File
Use server configurations to limit access to sellers.json so only approved IP addresses or users can modify it.
- Use Digital Signatures for Verification
By digitally signing sellers.json, you can verify its authenticity and detect tampering. Digital signatures can also enhance transparency.
- Implement a Version Control System
A version control system (like Git) can track changes, making it easier to detect unauthorized modifications and roll back to a previous version if needed.
- Enable Automated Backups
Regular backups can help restore sellers.json quickly if it’s compromised, reducing downtime and ensuring data integrity.
Advanced Security Measures
- Audit Logs for Change Tracking
Maintain audit logs to track who accessed or modified sellers.json and when. This can help in detecting unauthorized access attempts.
- Implement Web Application Firewalls (WAFs)
A WAF can help block malicious requests targeting sellers.json, such as automated bots trying to alter the file.
- Monitor for Suspicious Activity
Monitoring services can alert you to unusual traffic or access patterns targeting sellers.json, which could indicate attempted exploitation.
- Validate JSON Structure and Contents
Regularly validate the JSON structure to ensure sellers.json isn’t malformed. Malformed JSON could prevent ad buyers from correctly verifying sellers.
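One way to run the structure and content validation described above before a new version of the file is published. This is an added example, not code from the original article; validate is a hypothetical helper, the sample input is constructed, and the allow-lists include `comment`, `ext` and the `BOTH` seller type from the IAB specification, which the article does not mention.

```python
import json

REQUIRED = {"seller_id", "seller_type"}   # mandatory fields named in the article
# Allow-list: the article's fields plus "comment" and "ext" from the IAB spec.
KNOWN = REQUIRED | {"name", "domain", "is_confidential", "comment", "ext"}
# PUBLISHER and INTERMEDIARY appear in the article; BOTH comes from the IAB spec.
SELLER_TYPES = {"PUBLISHER", "INTERMEDIARY", "BOTH"}

# Constructed sample: a duplicate ID, an unknown role and an extra field.
TAMPERED = """{"sellers": [
  {"seller_id": "12345", "name": "Example Publisher", "domain": "example.com",
   "seller_type": "PUBLISHER", "is_confidential": 0},
  {"seller_id": "12345", "domain": "unknown.example", "seller_type": "OWNER",
   "redirect_url": "https://unknown.example/"}]}"""


def validate(text):
    """Return a list of problems in a sellers.json document (empty means clean)."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"malformed JSON: {exc.msg} at line {exc.lineno}"]
    sellers = doc.get("sellers") if isinstance(doc, dict) else None
    if not isinstance(sellers, list):
        return ["top-level 'sellers' array is missing"]
    problems, seen = [], set()
    for i, entry in enumerate(sellers):
        if not isinstance(entry, dict):
            problems.append(f"sellers[{i}]: not an object")
            continue
        for field in sorted(REQUIRED - set(entry)):
            problems.append(f"sellers[{i}]: missing required field {field}")
        for field in sorted(set(entry) - KNOWN):
            problems.append(f"sellers[{i}]: unrecognized field {field}")
        stype = entry.get("seller_type")
        if stype is not None and str(stype).upper() not in SELLER_TYPES:
            problems.append(f"sellers[{i}]: unexpected seller_type {stype!r}")
        if entry.get("is_confidential", 0) not in (0, 1):
            problems.append(f"sellers[{i}]: is_confidential must be 0 or 1")
        sid = entry.get("seller_id")
        if sid is not None:
            if str(sid) in seen:
                problems.append(f"sellers[{i}]: duplicate seller_id {sid!r}")
            seen.add(str(sid))
    return problems


if __name__ == "__main__":
    for problem in validate(TAMPERED):
        print(problem)
```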
Website Security Software for Protecting sellers.json
- Sucuri
Sucuri offers website security solutions, including WAFs, malware scanning, and DDoS protection. Sucuri’s real-time monitoring can detect unauthorized changes to files like sellers.json.
- Cloudflare WAF
Cloudflare’s Web Application Firewall is a robust choice for blocking malicious requests, protecting sellers.json from tampering by filtering out potentially harmful traffic.
- Wordfence (WordPress)
Wordfence is a popular WordPress security plugin with file scanning, change alerts, and a firewall to protect important files like sellers.json.
- iThemes Security (WordPress)
iThemes Security includes a file-change detection tool, which can alert you to any unexpected modifications in sellers.json and other files.
- Astra Security
Astra Security provides WAF, malware scanning, and real-time monitoring. Astra’s WAF is particularly effective at blocking malicious traffic targeting sensitive files.
- MalCare (WordPress)
MalCare’s automated malware scanning and real-time monitoring make it suitable for detecting unauthorized changes to critical files, including sellers.json.
Restoring sellers.json After a Breach
- Revert to a Clean Backup
If sellers.json has been compromised, restore it from a clean backup. Regular, automated backups help ensure quick recovery with minimal data loss.
- Analyze the Source of the Compromise
Investigate the breach to understand how sellers.json was altered. This will help you patch vulnerabilities and strengthen security for the future.
- Enhance Security Measures After Recovery
Strengthen access controls, file permissions, and monitoring systems to prevent a similar breach in the future.
Long-Term Strategies for Protecting sellers.json
- Regular Security Audits
Schedule routine security audits to examine sellers.json and other critical files for vulnerabilities. Security audits can help identify potential weak points in your configuration.
- Educate Employees on Security Best Practices
Ensure that anyone who has access to sellers.json understands the importance of security and is trained to recognize and report suspicious activity.
- Stay Updated with IAB and Security Best Practices
The IAB frequently updates its standards and recommendations for sellers.json. Keeping up with these updates will help you maintain a secure and compliant digital advertising environment.
sellers.json is an essential file in digital advertising, enabling transparency and trust between advertisers and publishers. However, its public accessibility and critical role in the ad supply chain make it a potential target for cybercriminals. By following best practices in access control, file monitoring, and using security tools, you can protect sellers.json from exploitation and maintain a secure advertising platform.