What is SiteLock?

With SiteLock you can actively protect your websites or the content of your pages from malware (malware), unauthorized access and other threats from hackers. We offer SiteLock in the Basic- and Premium-Version.

Similar to a virus program, the Premium Version scans up to 500 pages of your website and checks them intensively for security holes in the network.

If monitoring mode is activated, you will receive an automated email as soon as SiteLock a potential threat is detected in the scripts/contents on your web space.

SiteLock offers the following scanning and monitoring functions to protect your pages:

  • Website Application Scan: SiteLock informs you about security holes in used web applications such as Drupal, Joomla, Wordpress, PHP Nuke. The scan checks whether new updates or security-relevant patches are available for your web application.

  • SQL Injection Scan: SiteLock performs an SQL injection scan and attempts to identify risks related to database access via scripting applications. This identifies the infiltration of external database commands, data spying and other external database accesses.

  • Cross-site scripting (XSS) scan:
    In cross-site scripting (XSS), attackers exploit the absence of input and output checks in the scripts. For example, the attacker can use stolen credentials to manipulate a user profile by adding script code. Visitors are not only redirected to external websites. Keyloggers, Trojans or other malicious software are often downloaded in the background SiteLock detects potential security holes in this area and informs you of them.

  • Malware scan: SiteLock detects harmful malware (malicious software), such as external redirects, hidden links or links to known malware websites. This way you can protect visitors to your website from viruses and Trojans on their computers.

  • Search engine blacklist monitoring: Search
    engines such as Google maintain their own blacklists. A website is blacklisted if a virus or similar malware is loaded in the background. If the visitor has activated blacklist filtering in his browser, he will receive a corresponding warning page from e.g. Google when attempting to access the website. The actual website (and thus also the malware) is not loaded.

    SiteLock compares the blacklists of the search engines with your website or the assigned domain name. If the domain name is listed, you will be automatically notified by email and can react immediately.

  • SSL verification: SiteLock verifies existing SSL certificates and checks whether they are compatible with the requirements of the web browser. This prevents visitors to the site from receiving a data security warning, which could create a false sense of insecurity.

  • File Change Monitoring: SiteLock monitors whether changes were made to files after the last scan. This makes it easy for you to find out if any unwanted changes have been made.

You also have the option of including a security certificate with the SiteLock seal on your website after a successful security scan. The seal shows the date of the last passed scan.


The new 1&1 IONOS Help Centre with instructions and information about our domain products and services.