Sitelock’s Daily Vulnerability Scanning identifies vulnerabilities and fixes them automatically
Our expert team
Website Security provides a complete, all-encompassing and easy-to-use tool to keep your site protected from malware, hackers and other online security threats. After all, your website’s the center of your business, your brand and all the amazing things you’re bringing to the world. It deserves complete protection with all the tools you need to protect your business and customers online.
Sitelock™, the global leader in website security, is the only security solution to offer complete, cloud-based website protection. Its 360-degree monitoring finds and fixes threats, prevents future attacks, accelerates website performance and meets PCI compliance standards for businesses and websites of all sizes. Founded in 2008, SiteLock protects over 12 million websites worldwide
A range of features designed to protect both your website and your business’ reputation:
Proactively monitors for and alerts you about any malware that is detected on your website.
Automatically checks your applications to ensure they're up-to-date and secured against known vulnerabilities.
Give your visitors added confidence by showing your website is protected by SiteLock.
Daily scans help detect malware early before search engines have a chance to find it and blacklist your site.
If a scan finds anything, SiteLock will safely remove any known malware automatically.
Get protection against the top 10 web app security flaws as recognised by OWASP, the Open Web Application Security Project.
The TrueShield™ Web Application Firewall protects your website against hackers and attacks.
Instant and fully automated setup gives you protection immediately without anything to install.
All Website Security plans include malware scanner, SSL, Web Application Firewall (WAF), allowing your site to provide HTTPS encryption. This lets visitors know that your site’s trustworthy and that any data they exchange with your site is encrypted, keeping it safe from snooping or exploitation.
Our WAF intercepts and examines incoming data and neutralizes malicious code from security threats like SQL injections and DDoS attacks, warding off any damage from being done to your site.
Take a proactive, preventative approach to the safety of your website. The Website Security firewall blocks attacks on your site while its malware scanner regularly searches your site for malicious content and alerts you if any is found.
All you need to do is submit a malware removal request, and our expert security team will get to work cleaning up your site.
Website Security even protects your website’s search rankings by checking to see if your site’s been placed on any blocklists while working with you to get you off those lists.
SiteLock provides simple, fast and affordable website security to websites of all sizes. Founded in 2008, the company protects over 12 million websites worldwide. The SiteLock cloud-based suite of products offers automated website vulnerability detection and malware removal, DDoS protection, website acceleration, website risk assessments, and PCI compliance.
Servers have different layers for communication. The OSI model has 7 layers. The firewall provided by most hosting companies is going to be focused on layers 3 and 4 of the OSI model. These layers are set to always allow http requests from port 80. Port 80 is set to always allow HTTP requests from Web clients. This is what allows a site to be visible to the internet. However, malware attacks today can be sent via an HTTP request through port 80. The difference between a safe request and a malicious request is the content being sent. A host’s firewall does not examine the content being sent via port 80, it is merely interested on ensuring the the request is the correct type through the right port. If it is an HTTP request, it will be allowed through port 80. A web application firewall (WAF) works at Layer 7 of the OSI model, which is the application layer. A WAF utilizes a general rule set to determine if the content being sent is safe or malicious.
SiteLock Scanner Lite and SiteLock Find run via HTTPS and scan what is web visible. Your clients will not require any server access to use these products.. For services Such as Fix and Defend they will require FTP, SFTP, or FTPS access so that SMART can access and download the website flies to the SiteLock Secure Server. Additionally, in order to utilize the WAF, clients will require access to their DNS records.
Website Security lets you set up your site’s security scanning frequency, install your SSL Certificate and monitor your site for malware and other online security threats — all from one dashboard.
Depending on your Website Security Suites plan, you can choose from a 30-minute, 12-hour or once-a-day security monitoring and scan frequency. If any malware is found, you’ll be notified immediately.
A WAF is a cloud-based firewall service that screens and protects your real-time website traffic from threats like SQL injection attacks (malicious data that essentially tricks your site into doing something it shouldn’t) and DDoS attacks (crashes your site by overwhelming it with a flood of automated traffic). WAF only takes a few minutes to set up and is the front-line defense for your site in between Website Security scans.
Yes, SiteLock is compatible with any hosting environment.
No. During a website scan, SiteLock downloads the relevant files via FTP to a secure server and perform scans there. There is no impact to the website content, code, bandwidth, or server resources and no software needs to be installed on the server.
SMART is the Secure Malware Alert and Removal Tool (SMART). SMART can be set to 1 of 2 settings; “Yes, automatically remove the malware found” or “No, just warn me”. SMART performs an inside-out scan by connecting to the site via FTP and,making as copy of the website files to download to a SiteLock secure server. SMART is able to identify and remove coding from the files. Once the scan is complete, if malware was removed, a clean copy of the file(s) will be uploaded to the server,replacing the infected file(s). If you choose to set SMART to “No, just warn me,” you will only be notified of the malware found and have the ability to review the findings inside the dashboard.
The SiteLock product will be active once the user has paid for and configured the service(s). SiteLock Scanner Lite and SiteLock Find do not require configuration. SiteLock Premium and SiteLock Defend do require configuration. There are multiple scans included with each product and many of the scans will not require a configuration, as they run via HTTPS.
Services that need to be configured include;
(1) SMART – Instructions can be found inside the SiteLock Dashboard. “Settings” tab -> “Download settings” tab. From the “Download Settings” screen, click on “use the wizard” at the top right.
(2) Web application firewall (SiteLock Defend only). Instructions can be found inside the SiteLock Dashboard. From the “Dashboard Tab”, click on the circle that says “Trueshield Configure.” Once you click on the circle, you will be taken to another screen that has instructions on step by step set up. If you require assistance with setting up the Web Application Firewall (WAF), please call SiteLock technical support team available 24/7/365.
A WAF is a cloud-based firewall service that screens and protects your real-time website traffic from threats like SQL injection attacks (malicious data that essentially tricks your site into doing something it shouldn’t) and DDoS attacks (crashes your site by overwhelming it with a flood of automated traffic). WAF only takes a few minutes to set up and is the front-line defense for your site in between Website Security scans.
Yes — while an SSL certificate encrypts data being transmitted to and from your website, it doesn’t protect your site from other vulnerabilities, such as malware, SQL injections or DDoS attacks. By utilizing both an SSL and Website Security, you’re ensuring that all aspects of your site are protected.
We recommend you work with your payment provider (e.g., PayPal Checkout) to understand any additional requirements for which you are responsible.