SiteLock Website Security
Sitelock is easy, economical and effective
Automatically Prevents Attacks
SiteLock monitors your website 24x7 for vulnerabilities and attacks, which means you can worry less about your website and more about your business.
Boosts Customer Trust
Over 70% Customers look for a sign of security before providing personal details online. The SiteLock Trust Seal not only re-assures customers but also boosts sales.
Starts Working Instantly
You don't need technical expertise to install and set up SiteLock for your website. SiteLock is cloud-based and starts scanning your website and email instantly.
How it Works
SiteLock screens every aspect of your web presence daily to identify security gaps. It not only checks your website, email and applications, but also search engine blacklists and spam filters.
SiteLock's 360 degree scan and powerful firewall identify advanced vulnerabilities before they can be exploited to damage your web presence, thus putting you one step ahead of hackers, always!.
Instantly Notifies and Fixes
SiteLock not only identifies threats, but also fixes them for you automatically. This way, SiteLock works in the background to protect your website, while it's business as usual for you and your customers.
SiteLock uses outside-in and inside-out FTP scans to screen all your files daily and identify security loopholes or malware injections. It not only identifies threats, but also fixes them instantly before they can hurt your web presence.
SiteLock scans all applications like blogs, shopping carts etc. for known vulnerabilities, which hackers exploit to attack your website. SiteLock will alert you of these gaps and inform you of upgrades to ensure your are running safe software on your site..
SiteLock will check if your website or servers are sending or referenced in spam emails. If your are caught by spam filters, many email programs will ignore mails sent by your site, which means that you will not be able to reach your customers.
SiteLock's TrueShield Firewall creates a force field around your website and uses a global network to identify malicious traffic, block bot attacks and protect your content from being "scraped", while ensuring search engine accessibility.
Changes to Files
With SiteLock's deep FTP scans, you will be instantly alerted of any changes that have been made to your files, so that you can stay on top of all activity happening on your website and catch unauthorized edits before they cause any damage.
Search Engine Blacklists
SiteLock monitors blacklists of search engines and checks their own database of 7,000+ malware sites, to ensure that your site is not linked to them or blacklisted. This way, SiteLock helps protect and boost your organic rankings and traffic.
SQL Injections (SQL-I)
Hackers can gain access to your database and steal customer information, including email addresses, passwords, credit card data etc. by inserting SQL commands in your website's input forms and running codes that you don't intend to..
Remote File Includes (RFI)
Attackers upload a custom coded, malicious file on a website or server using a script. The vulnerability exploits the poor validation checks in websites and can eventually lead to unintended code execution on the server or website.
Cross-Site Scripting (XSS)
Broken Authentication and Session Management
Often, application functions related to authentication and session management are not implemented correctly, allowing hackers to steal passwords, keys, tokens, or exploit other implementation flaws to assume users' identities.
Cross-Site Request Forgery (CSRF)
This attack forces a victim's browser to send forged HTTP requests, including the session cookie and other authentication information, to a vulnerable web application. This allows hackers to force the victim's browser to make requests which trick the application into believing that they are legitimate.
Unvalidated Redirects and Forwards
Due to improper validation, websites often redirect users to other pages using untrusted data to determine the destination. This allows attackers to redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.
Insecure direct object references
When an application doesn’t verify if a user is authorized to view particular content, it can be manipulated to access private data.
Security misconfiguration flaws give hackers unauthorized access to system data via default accounts, unused pages, unpatched flaws, unprotected files and directories.
Insecure cryptographic storage
Many web applications don't do enough to protect sensitive data such as credit card numbers, Social Security numbers and login credentials. Thieves use this data for identity theft, credit card fraud or other crimes.
Insufficient transport layer protection
Applications often fail to authenticate, encrypt and protect the confidentiality of network traffic. Some use weak algorithms, expired or invalid certificates or use them incorrectly. This allows hackers to "eavesdrop" on online exchanges. An SSL certificate can also neutralize this threat.
On detecting a vulnerability or presence of malicious code on your website, SiteLock instantly notifies you via:
Instantly FixesIn addition to identifying malware, SiteLock's SMART Tool can actually fix it automatically.
- Conducts deep FTP scans for your files
- Identifies loopholes or vulnerabilities in your code
- Detects malicious code
- Removes malicious code and cleans your site
|Features for websites||Basic For Static websites
|Professional For Dynamic websites
|Premium For Ecommerce websites
|Enterprise For Web Applications
|Daily Malware Scan|
|Daily FTP Scan|
|Automatic Malware Removal|
|File Change Monitoring|
|SQL Injection Scan||1-time||1-time|
|Cross-Site Scripting Scan||1-time||1-time|
|Use of Global Network to Identify Malicious Behavior|
|Block Bad Bot Attacks|
|Search Engine Access|
|Comment Spam Elimination|
|Block content "scraping"|
|Search Engine Blacklist Monitoring|
|Phone Number Verification|
|Postal Address Verification|