SiteLock is a cloud-based security tool that scans your website for malware and vulnerabilities. SiteLock not only detects threats, but can also fix problems or security risks it encounters on your web space.
Scan your site
SiteLock scans your website for vulnerabilities like SQL injection flaws and cross-site scripting. However, It also submits forms and posts comments to find vulnerabilities hackers use to break in.
In other words, SiteLock offers different scans to ensure that your site is secure. Which scans are available to you, depends on the subscription type you have.
List different scans:
Application scan –
Looks for outdated or vulnerable applications installed on your web space, like for example an outdated version of WordPress.
Malware scan –
SMART scan –
Scans your website for malware and vulnerabilities from the inside out via FTP. SMART downloads your files and scans them for malware.If you find malicious code, remove the malware and upload the cleaned file back to your server. A detailed description on how SMART works is available in the SiteLock Dashboard.
Use your domain to verify if your domain is listed as a spammer against major spam databases. This may show that someone has gained access to your email address if your domain is listed.
SQL injection scan –
Tries to penetrate your site with SQL injection in your database.
SSL scan –
Checks if your SSL certificate is verified and up-to-date.
XSS scan –
Checks if your website is vulnerable for cross-site scripting by trying to penetrate your site with cross-scripting techniques. You can use cross-site scripting to trick tourists into offering third-party information.
Checks your site every month for issues with external redirects, cookies, etc. Also gives tips on how to improve security, like for example using SSL encryption on password pages or upgrading applications.
Domain verification –
Checks if you are the owner of the domain. When you sign up for SiteLock, this is performed automatically for you
WordPress scan –
This scan is only available if there is a WordPress installation on the web space. It checks for known vulnerabilities in WordPress core, themes, and plugins and informs you if anything if found. WordPress vulnerabilities are very easy to exploit, so we recommend to take immediate action if you alerted.