Domain settings

Once you have added the first domain, you can adjust the settings to your liking.

Tech Stack

What CMS, hosting, and CDN are you using for your website? RUMvision will try to fetch this information automatically. When we aren't able to do so, we will ask you to provide this information instead.

Sharing this will allow you to more easily integrate additional features, such as suggested Custom Timing


The security section of a domain offers the possibility to enforce Two Factor Authentication (2FA) on users as well as working with subresource integrity.

Allowed e-mail addresses

You can provide patterns or e-mail hostnames that a newly added account should comply with. If it doesn't match any of those matterns, the account will be blocked from being added to that domain. 

Domain 2FA

Enabling Two Factor Authentication for a domain will enforce users to either log in with 2FA, or set it up before beinig able to view any domain related (RUM) data.

Setting up Two Factor Authentication for your account is covered in our profile security section.

Subresource integrity

Subresource Integrity (SRI) is a security feature that ensures the integrity of our JavaScript that you implement on your site.

To enable SRI and JavaScript security, you simply need to enable the "JavaScript security" setting, choose the frequency and the algorithm to be used for hashing.

To actually enforce resource integrity, you will need to implement the adjusted snippet and keep the hash up-to-date to continue collecting RUM data, even when changes were made.

Read about what SRI is and how (often) to change the hash.


Adjust settings for the dashboards you will see within the tool, such as:

  • the default percentile that should be used;
  • the default dimension;
  • the default data range;
  • default metric thresholds or custom thresholds that should be used;
  • and if you want the RUMvision application to automatically create annotations on URL or snippet changes.

Do note that any of these settings will apply to all users working with and looking at that domain's data.

Content Security Policy

More websites and shops tend to use Content Security Policies (CSP) to block unknown third parties, improving security, privacy and performance at the same time. This could mean that despite any implementation efforts, the RUMvision script could unexpectedly not result in any data being collected.

To allow you to evaluate this, we introduced a CSP checker where you can check any CSP rules that we automatically fetched from your website, and how they might conflict with what's needed to make our monitoring work.

When you choose to self-host our JavaScript monitoring file, you will need to check CSP rules yourselves.


This panel offers ownership capabilities.

Verified ownership

By confirming the ownership, you are proofing that the domain belongs to your organisation. This prevents other users from being able to claim the domain as well. When you haven't confirmed the ownership of a domain, other users are still able to register to that domain as well.

The process of verifying ownership is only possible with a paid subscription, as verification requires you to run the snippet in order to proof that you have access to the source of the website. Having such access is our strongest proof of knowing that you own that domain. You are then able to confirm ownership via:

  • automated source code check;
  • an e-mail message to an e-mail address that belongs to the hostname of the domain.

Transfer ownership

A domain can still change ownership. For example when another organisation wants to take over payment responsibilities. This could happen when payment is moved from an agency to the merchant itself, or the other way around.

When the domain is yours, you cannot actively transfer ownerhsip. The ownership needs to be claimed by a user of another party. This means that that user should be part of a different organisation then yourselves, as domains are part of a single organisation. If such user doesn't exist yet, you should first invite that user to the domain.

The following is needed to make this work:

  • When inviting, don't select an existing organisation. Instead, select "create organisation for";
  • Be sure to give the user permissions for "settings". If you forgot to do this right away, you can change this by editing the permissions immediately after you added the user.

That user is then able to navigate to this ownership section of the domain, and request ownership transfer. You will then see this request within your ownership overview.

Changing ownership won't affect viewing-rights. Current users will still be able to see the dashboard and potentially other information of this domain. Approving a request for transfer will need password verification.

Your data

You can choose to delete certain parts or all data of a specific domain. You will only be able to delete the whole domain when we haven't noticed any tracking activity in the last 24 hours. When you try to delete the whole domain, we will notify you about the most recent activity.

Do note that after cancellation, your data will be deleted automatically as well, though at an unpredefined moment in time.