SiteLock

sitelock_ban.jpg


Sitelock Plans    money-back.png

BASIC
960 / per year
  • Up to 25 Pages
  • Daily Malware Scan
  • Reputation Management
  • -
Professional
3120 / per year
  • Up to 100 Page
  • Automatic Malware Removal
  • Daily FTP Scanning
  • File Change Monitoring
Premium
3828 / per year
  • Up to 500 Pages
  • Website Vulnerability Scanning
  • Network Security Scanning
  • SQLi (SQL-I) and XSS Scanning
Enterprise
12588 / per year
  • Up to 2500 Pages
  • Advanced Vulnerability Scanning
  • -
  • -

Sitelock is easy, economical and effective

How it Works

SiteLock screens every aspect of your web presence daily to identify security gaps. It not only checks your website, email and applications, but also search engine blacklists and spam filters.

Website Files
  • SiteLock uses outside-in and inside-out FTP scans to screen all your files daily and identify security loopholes or malware injections. It not only identifies threats, but also fixes them instantly before they can hurt your web presence.
Search Engine Blacklists
  • SiteLock monitors blacklists of search engines and checks their own database of 7,000+ malware sites, to ensure that your site is not linked to them or blacklisted. This way, SiteLock helps protect and boost your organic rankings and traffic.
Emails
  • SiteLock will check if your website or servers are sending or referenced in spam emails. If your are caught by spam filters, many email programs will ignore mails sent by your site, which means that you will not be able to reach your customers.
Visitor Traffic
  • SiteLock's TrueShield Firewall creates a force field around your website and uses a global network to identify malicious traffic, block bot attacks and protect your content from being "scraped", while ensuring search engine accessibility.
Changes to Files
  • With SiteLock's deep FTP scans, you will be instantly alerted of any changes that have been made to your files, so that you can stay on top of all activity happening on your website and catch unauthorized edits before they cause any damage.
Applications
  • SiteLock scans all applications like blogs, shopping carts etc. for known vulnerabilities, which hackers exploit to attack your website. SiteLock will alert you of these gaps and inform you of upgrades to ensure your are running safe software on your site.

SiteLock's 360 degree scan and powerful firewall identify advanced vulnerabilities before they can be exploited to damage your web presence, thus putting you one step ahead of hackers, always!

SQL Injections (SQL-I)
  • SiteLock uses outside-in and inside-out FTP scans to screen all your files daily and identify security loopholes or malware injections. It not only identifies threats, but also fixes them instantly before they can hurt your web presence.
Search Engine Blacklists
  • Attackers upload a custom coded, malicious file on a website or server using a script. The vulnerability exploits the poor validation checks in websites and can eventually lead to unintended code execution on the server or website.
Cross-Site Scripting (XSS)
  • XSS flaws occur due to improper validation. Attackers exploit common client-side scripts like JavaScript and HTML and execute code in the victim's browser which can hijack user sessions, deface sites, or redirect the user to malicious sites.
Session Management
  • Often, application functions related to authentication and session management are not implemented correctly, allowing hackers to steal passwords, keys, tokens, or exploit other implementation flaws to assume users' identities.
Cross-Site Request Forgery
  • This attack forces a victim's browser to send forged HTTP requests, including the session cookie and other authentication information, to a vulnerable web application. This allows hackers to force the victim's browser to make requests which trick the application into believing that they are legitimate.
Unvalidated Redirects and Forwards
  • Due to improper validation, websites often redirect users to other pages using untrusted data to determine the destination. This allows attackers to redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.

SiteLock not only identifies threats, but also fixes them for you automatically. This way, SiteLock works in the background to protect your website, while its buisness as usual for you and your customers.

Instantly Notifies (SQL-I)
  • On detecting a vulnerability or presence of malicious code on your website, SiteLock instantly notifies you via:
  • *SMSes will be sent to the list of supported countries only
Instantly Fixes
  • In addition to identifying malware, SiteLock's SMART Tool can actually fix it automatically
    • *SMART Tool:
    • Conducts deep FTP scans for your files
    • Identifies loopholes or vulnerabilities in your code
    • Detects malicious code
    • Removes malicious code and cleans your site

What People Says

View more...

SiteLock FAQ's

What is SiteLock and what does it do?
SiteLock is a service that performs daily scans of a website to identify vulnerabilities and protect against threats like viruses, cross-site scripting, SQL injection and even email blacklisting. The SiteLock™ Trust Seal provides customer confidence and increases your sales and conversions.
What types of problems does SiteLock scan for?
SiteLock performs a Deep 360 Scan that encompasses:
• Reputation monitoring: ensures the reputation of the website is intact and communication to visitors and customers is uninterrupted.
• Malware blacklist: monitors search engine and proprietary malware lists to make sure the site is not blocked by search engines and browsers.
• Spam blacklist: ensures that e-mails reach customers' inbox (not their Spam folder), SiteLock verifies e-mail addresses, domains, and email servers against lists used by popular email tools to identify spam.
• SSL Verification: ensures users do not see a certificate warning or error when visiting your site.
• Network security: validates the security of the network by making sure there is no opportunity for hackers to access the server.
• Drive-by-downloads: scans the website to ensure visitors are not being infected with viruses often placed on websites by hackers.
• Customer data protection (SQL & XSS): performs forward- and backward-looking scans to make sure current and future visitor/customer data on the site is secure.
• Application security: certifies the validity of the business and provides a certification badge to display to website visitors to let them know the business or website is legitimate.
• Business Verification: ensures the reputation of the website is intact and communication to visitors and customers is uninterrupted.
• Domain ownership: ensures that the domain owner is in control of the website domain.
• Postal Address: verifies that the site owner can receive and respond to postal mail, such as customer payments or inquiries.
• Phone Verification: ensures that there is a phone number where customers can report issues or request additional products or services.
How is SiteLock billed?
SiteLock is a subscription service which is billed for in advance and available in one-year terms.
What is the email address that all SiteLock emails sent to customers will be coming?
The list of emails that are sent come from servers -support@sitelock.com, customerservice@sitelock.com and sales@sitelock.com. You may want to whitelist these email addresses
How does SiteLock notify customers when it finds an issue?
Site visitors will not be alerted to any problem. The SiteLock seal will simply continue to display the date of the last good scan of the website site. If the site owner fails to rectify the problem, within a few days SiteLock will remove the seal from the site and replace it with a single pixel transparent image. At no point will SiteLock display any indication to visitors that a website has failed a scan
Will SiteLock impact website performance?
No. SiteLock scans won't impact the performance of a website. The SiteLock seal has no impact on load times.
How does the Virus Scan work?
The Virus scanner works by pulling the files from our daily scans and comparing them to an industry-leading database of virus signatures to determine if there is any match between your site and known malicious code. Because this is an intensive process and it is important to avoid an impact to your website’s performance, the scan is done on a rolling basis, downloading a piece of your site each day. For most sites, this process completes within 30 days.
How do I install the SiteLock seal?
Users simply include the JavaScript snippet that SiteLock provides in the footer area of their site or template.
What is the sign-Up Process?
The Site Lock product will be active once the user has paid for and configured the service, by entering the required account information.
• A welcome email is sent out from SiteLock - The email contains instructions for installing the SiteLock certificate on their website.
• Phone verification is attempted within 1 hour.
o This is an automated call that informs the customer of the 4 digit pin for their account
o The customer must log in to their dashboard and enter the code for verification to be completed
o If a client does not answer, they can request another call in their dashboard
• A scan of the clients website will take place within 24 hours.
o Scans run late at night so typically by midnight, their site will have been scanned
o If vulnerabilities are found, the client will be notified via email and message alert within their dashboard
When the scan has been completed, the client can add the SiteLock seal to their website.