SiteLock is a cloud-based security tool that scans your website for malware and vulnerabilities. It not only detects threats but can also fix problems or security risks it encounters on your web space. Key Features of SiteLock.
SiteLock offers a comprehensive suite of scans and security features to ensure your website is secure. The availability of these features depends on your subscription plan.
Site Scanning
1- Malware Scan: Conducts daily scans of your site for malicious software, such as hidden links, obfuscated JavaScript, and links to known malware sites. This scan is performed from a visitor's point of view, simulating an external perspective.
2- SMART Scan: The Secure Malware Alert and Removal Tool (SMART) scans your website from the inside out via FTP. It downloads your files, scans them for malware, removes any malicious code, and re-uploads the cleaned files back to your server. Detailed information about SMART can be accessed through the SiteLock Dashboard.
3- Application Scan: Looks for outdated or vulnerable applications installed on your web space, such as old versions of WordPress. This scan is typically performed once a month.
4- SQL Injection Scan: Attempts to penetrate your site with SQL injection techniques. If successful, SiteLock informs you about how and where the vulnerability was found.
5- XSS Scan: Tests your website for cross-site scripting (XSS) vulnerabilities by attempting to exploit cross-scripting techniques. XSS can be used by attackers to trick visitors into providing sensitive data.
6- SSL Scan: Verifies the status of your SSL certificate, ensuring it is valid and up-to-date.
7- Spam Scan: Checks your domain against leading spam databases to determine if your domain is listed as a spammer. If listed, this may indicate that someone has gained unauthorized access to your email address.
8- Advisories: Provides monthly checks for issues with external redirects, cookies, and other security concerns. It also offers tips on improving your site's security, such as using SSL encryption on password pages or upgrading applications.
9- WordPress Scan: Available if there is a WordPress installation on your web space. This scan checks for known vulnerabilities in WordPress core, themes, and plugins, alerting you to any issues found. WordPress vulnerabilities are often easy to exploit, so immediate action is recommended.
10- Domain Verification: Automatically verifies your domain ownership when you sign up for SiteLock.
Additional Security Services
1- DDoS Protection: Safeguards your site from Distributed Denial of Service (DDoS) attacks, ensuring that your site remains accessible even during an attack.
2- Website Acceleration: Improves your site's performance and load times using a global Content Delivery Network (CDN).
3- Web Application Firewall (WAF): Provides real-time protection against known and emerging threats by filtering and monitoring HTTP traffic between a web application and the Internet.
4- PCI Compliance: Helps your website achieve Payment Card Industry Data Security Standard (PCI DSS) compliance, necessary for handling online transactions securely.
With SiteLock, you can proactively protect your website from a wide range of security threats, ensuring a safe experience for your visitors and maintaining your online reputation.
|