What is SiteLock?

With SiteLock you can actively protect your websites and content from malware, unauthorised access and other online threats.

Similar to a virus program, the Premium version scans up to 500 pages of your website and checks them thoroughly for security holes in the network.

If monitoring mode is activated, you will receive an automated email as soon as SiteLock detects a potential threat in the scripts or contents on your web space.

SiteLock offers the following scanning and monitoring functions to protect your pages:

  • Website Application Scan: SiteLock informs you about security holes in web applications such as Drupal, Joomla, Wordpress, PHP Nuke. The scan checks whether new updates or security-relevant patches are available for your web application.

  • SQL Injection Scan: SiteLock performs an SQL injection scan and attempts to identify risks related to database access via scripting applications. This identifies the infiltration of external database commands, data spying and other external database access.

  • Cross-site scripting (XSS) scan: In cross-site scripting (XSS), attackers exploit the absence of input and output checks in the scripts. For example, the attacker can use stolen credentials to manipulate a user profile by adding malicious code. Visitors are not only redirected to external websites, but keyloggers, trojan viruses or other malicious software is often downloaded in the background. SiteLock detects potential security holes in this area and informs you of them.

  • Malware scan: SiteLock detects harmful malware (malicious software), such as external redirects, hidden links or links to known malware websites. This way you can protect visitors to your website from viruses and Trojans.

  • Search engine blacklist monitoring: Search engines such as Google maintain their own blacklists. A website is blacklisted if a virus or similar malware is loaded in the background. If the visitor has activated blacklist filtering in the browser, the visitor will receive a warning page from Google when attempting to access the website. The actual website (and any corresponding malware) will not load for the visitor's safety. SiteLock compares the blacklists of the search engines with your website or the assigned domain name. If the domain name is listed, you will be automatically notified by email and can react immediately.

  • SSL verification: SiteLock verifies existing SSL certificates, and checks whether they are compatible with the requirements of the web browser. This prevents visitors from receiving a data security warning, which could create a false sense of insecurity.

  • File Change Monitoring: SiteLock monitors whether changes were made to files after the last scan. This makes it easy for you to find out if any unwanted changes have been made.

You also have the option of including a security certificate with the SiteLock seal on your website after a successful security scan. The seal shows the date of the last scan.