SiteLock FAQ

- Industries
- Solutions
  - Our Expertise
  - Strong Identities
  - Secure Payments
  - Protected Data
- Featured Products
  - As a Service Products
- Enterprise ID & Issuance
  - Instant ID as a Service
    Learn More
  - Instant Issuance
- Financial ID & Issuance
  - Digital Card Solution
    Learn More
  - Digital Banking
    1. Digital Account Opening
    2. Digital Card Solution
  - Instant Issuance
  - Central Issuance
- Government ID & Issuance
  - Digital Citizen
    1. Seamless Travel as a Service
    2. ePassport as a Service
  - Instant Issuance
    1. Other citizen IDs and licenses.
    2. System Software
    3. Supplies
    4. Services
  - Central Issuance
    1. Passports, national IDs and driver licenses.
    2. Passport Issuance Systems
    3. National ID and Driver License Systems
    4. Inline Delivery & Insertion
    5. Standalone Delivery & Insertion
    6. System Software
    7. Supplies
    8. Services
  - Identity Verification as a Service
    Our IDVaaS solution allows remote verification of an individual’s claimed identity for immigration, border management, or digital services delivery.
    Learn More
- Cloud Security Posture Management
  - CloudControl 30-Day Free Trial
    Entrust CloudControl offers comprehensive security and automated compliance across virtualization, public cloud, and container platforms while increasing visibility and decreasing risks that can lead to unintended downtime or security exposure.
    Start Free Trial
- Key Management and Encryption
  - KeyControl for VM Encryption
  - KeyControl 30-Day Free Trial
    VMware vSphere and vSAN encryption require an external key manager, and KeyControl is VMware Ready certified and recommended. KeyControl enables enterprises to easily manage all their encryption keys at scale, including how often keys are rotated, and how they are shared securely.
    Start Free Trial
- Hardware Security Modules (HSM)
  - 1. nShield as a Service
  - nShield HSMs
  - Why you need an HSM
    Learn about all the details related to what hardware security modules offer you in security and cost savings...
    Learn More
- Digital Certificates
  - 1. Buy Certificates
    2. Renew Certificates
  - TLS/SSL Certificates
  - Qualified Certificates
    1. QWAC eIDAS Certificates
    2. QWAC PSD2 Certificates
  - Sales and Services
- Identity and Access Management (IAM)
  - Products
    1. Identity as a Service
      Cloud-Based IAM
    2. Identity Enterprise
      On-prem IAM
    3. Identity Essentials
      On-prem MFA solution for Windows users
    4. APIs and SDKs
  - Get Entrust Identity as a Service Free for 60 Days
    Explore the Identity as a Service platform that gives you access to best-in-class MFA, SSO, adaptive risk-based authentication, and a multitude of advanced features that not only keep users secure, but also contribute to an optimal experience.
    Start Free Trial
- Electronic and Digital Signing
  - Digital Signing as a Service
  - Digital Signing Certificates
  - Digital Signing Infrastructure
  - EU Qualified Trust Services
    In addition to our long-standing Adobe Approved Trust List (AATL) membership, we are a European Qualified Trust Service Provider for the issuance of eIDAS qualified certificates for qualified signatures and advanced seals, for PSD2 certificates and for QWACs
    Learn More
- Public Key Infrastructure (PKI)
  - PKI Products
  - Managed Services
  - Cryptographic Center of Excellence
  - Try Post-Quantum PKI as a Service Now
    Get PQ Ready. PKIaaS PQ provides customers with composite and pure quantum Certificate Authority hierarchies.
    Try Now
- Resources
  - Issuance Systems Knowledge Base
    Learn More
  - Digital Security Knowledge Base
    Learn More
  - Cybersecurity Institute
    Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
    Learn More
- Partners
  - Partner with Entrust
    Join one or more of our partner programs and we’ll help you increase profitability, expand your brand, and target strategic customers.
    Learn More
  - Partner Directory
    Search for partners based on location, offerings, channel or technology.
    Search for a Partner
  - Programs
  - Partner Logins
- Buy
  - Shop Certificate Services
    Shop for new single certificate purchases.
    Learn More
  - Certificate Services Customer Portal
    Existing Entrust Certificate Services customers can login to issue and manage certificates or buy additional services.
    Learn More
  - Certificate Services Partner Portal
    Existing partners can provision new customers and manage inventory.
    Learn More
  - Instant Financial Card Issuance Supplies
    1. Registered Customer Login
    2. Request Access
- About Entrust
  - Securing a World in Motion Since 1969
    We’ve established secure connections across the planet and even into outer space. We’ve enabled reliable debit and credit card purchases with our card printing and issuance technologies. Protected international travel with our border control solutions. Created secure experiences on the internet with our SSL technologies. And safeguarded networks and devices with our suite of authentication products.
    Explore Our History
  - Cybersecurity Institute
    Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
    Learn More
- Search Entrust
  - Search:

SITELOCK FAQ

I just registered my website and my network scan shows "No information available". Why?
What is SMART and how do you set it up?
My network scan shows a lot of vulnerabilities. I thought my site was safe. How can I fix this?
The malware scan came back with results for my site. What does this mean? How can I fix it?
The email scan came back with results for my site. What does this mean? How can I fix it?
My SSL scan failed. How can I fix this?
SiteLock has completed the scan of my site, but the number of pages is less than I expected. What happened?
I recently signed up for SiteLock and noticed that we are getting some empty submissions from some of the forms on our web site (Contact us, etc.). Why?
I need to remove/modify a user.
I own several websites. What do I need to protect them?
My business contains multiple domains or websites. How can I monitor them all?
What is Malware?
How does SiteLock protect my online reputation?
What is Application Scanning?
How does SiteLock protect my data?
I am having trouble getting the SiteLock Security Certificate to display on my site.

I just registered my website and my network scan shows "No information available". Why?

We are currently in the process of scanning your website, servers, and other hardware for vulnerabilities. This initial scan can take up to 24 hours. Please check back throughout the day. If you are still seeing this message after 24 hours, please contact support.

What is SMART and how do you set it up?

SiteLock’s SMART, or Secure Malware Alert & Removal Tool, performs deep internal website scans that will tell you when any file on your website changes, giving you full visibility to all activity on your site. If malware is detected, SMART can automatically remove it so that your website maintains a safe and secure environment for our visitors.

This comprehensive scan performs daily inside-out, as well as outside-in, checks of your website that go beyond most surface scans. SMART is included in Professional, Premium and Enterprise.

To configure SMART:

1. Log into the SiteLock Dashboard (https://secure.sitelock.com)

2. Once in the dashboard, select site from the dropdown

3. Click the "Settings" link in the top menu next to the SiteLock logo.

4. On the "Settings" page, click the "SMART Settings" tab.

5. Enter your site's FTP address into the field labeled "FTP host address" (this information can be found in the Control Panel).

6. Enter your FTP username for this site into the "User ID" field.

7. Enter your site's FTP password into the "Password" field.

8. Select "Yes, remove malicious code automatically" from the "Automatically remove malware" dropdown box.

9. Select "Normal (1 connection)" from the "Select a speed for FTP file downloads" dropdown box.

10. Leave the "Root Directory" field blank.

11. Leave the "(S)FTP Port number" field blank.

12. Leave the "Maximum Download Time for your website data synchronization" dropdown box in the default position (30 minutes/day).

13. Select how frequently you want the scan to run from the "Scan Frequency" dropdown.

14. Click the "Submit" button.

15. When the box pops up asking if you want to run the scan now, click "Yes". Your scan will be queued and you can check the results of the scan in the SiteLock dashboard.

Infected Pages/Links

My network scan shows a lot of vulnerabilities. I thought my site was safe. How can I fix this?

You have several options to remediate network vulnerabilities. When you open the detail section, you will see a list of all open ports. If you believe that we have identified these ports in error, click the "Report False Positive" link at the top of the box. The resulting page will allow you to mark any ports as false positive, or mark lower priority ports, to ignore them. You can also take advantage of our Expert Services team, who can help you resolve security issues.

The malware scan came back with results for my site. What does this mean? How can I fix it?

The malware scan will notify you of any pages or links on your site that have been listed as distributors of malware (viruses, spyware, identity theft scams, etc.). If you are on these lists, many browsers and search engines will 'black-list' your site, meaning Internet users will not be able to see it in search results and it will be flagged if they navigate to your site. To get your site cleaned up and off of these lists, remove offending links and clean your website to make sure there are no viruses or spyware present. Another option is to let us help you. SiteLock offers its Expert Services to help you remediate these issues. If you believe your site has been listed in error, click the "Report False Positive" link at the top of the box and you'll be taken to a page with instructions to initiate the process of getting your site removed from the malware list.

The email scan came back with results for my site. What does this mean? How can I fix it?

The email scan will notify you if your website or servers are sending or referenced in spam emails. If you are identified on these lists, many email programs will ignore or classify emails from your site as spam. This means your customers and users will not get email from you in many cases. To get your site off these lists and re-open communication with your customers, you must get off of these email 'blacklists'.

My SSL scan failed. How can I fix this?

If your business requires SSL encryption of data, you need an up-to-date certificate to ensure that your customers' data is safe. The SSL scan will show as failed if your certificate is out of date. You need to renew your certificate with your SSL provider.

SiteLock has completed the scan of my site, but the number of pages is less than I expected. What happened?

There are two possible explanations. First, check the limits of the package you have purchased. Certain limits apply to our packages. If that is not the reason, it may be that our "spider" cannot find all of the pages on your site. In many cases, this can occur if there are portions of your site not linked in some way to your home page. Since our spider works primarily by "crawling" from link to link on your site, unlinked pages are sometimes missed. To help us get a more comprehensive scan, you can place a "sitemap" file on your site, which will tell our spider where to look. For details on how to create this file, please visit http://www.sitemaps.org

I recently signed up for SiteLock and noticed that we are getting some empty submissions from some of the forms on our web site (Contact us, etc.). Why?

SiteLock probes your site to determine if fields and forms on your site are vulnerable to attempts by hackers looking to exploit these forms to gain access to your data. This will result in attempts to submit forms on your website with encoded data.

If you wish to stop receiving these e-mail's or entries, you may want to do some validation on the fields within your form to ensure that data is being submitted in the correct formats before triggering e-mail's or database inputs. Since we insert data that would not likely be valid for any fields on your site, these validation measures should stop you from getting these empty e-mail's or entries. It's also good coding and security practice to make sure your site's visitors are providing the correct data in the expected formats. If you need help with form validation, contact our Support team.

General

I would like to share the dashboard with others in my company. How can I do this?

Click the 'Users' link at the top of the page. There you will see an 'Add Users' button. Fill in the information presented and the new user will have access to the site.

I need to remove/modify a user.

Click the 'Users' link on the top of the page. Next to each user's ID are modify and remove buttons. Click on the appropriate button to perform the desired action.

I own several websites. What do I need to protect them?

SiteLock is sold as a subscription per domain. You would purchase a separate subscription for each website that you would want to protect.

My business contains multiple domains or websites. How can I monitor them all?

Click the "Sites" link at the top of the page. There you can choose to add a site and enter the required information. The information will be displayed alongside your current site information in the dashboard.

What is Malware?

Malware, short for malicious software, can be installed on your website by hackers who are able to find weaknesses on your web server. A typical website may have thousands of potential vulnerabilities for malware injection.

Once placed on a website, malware can then be used to spread viruses, steal personal or financial data, and even hijack computers. It is not easily detected and may infect your customers' computers after they visit your website. Ultimately, this negatively affects your business reputation and can result in lost business.

How does SiteLock protect my online reputation?

SiteLock's patent-pending 360-degree scan helps you make sure your website and communications are reaching your visitors as intended in three key ways:

1. Malware blacklist monitoring: We monitor search engine and proprietary lists of sites reported as malware to make sure visitors arrive at your site, not a "Red Screen" warning from their browser or search engine

2. E-mail spam blacklist monitoring: We compare your e-mail address, domain name, and e-mail server to industry and proprietary lists used by popular e-mail programs to identify which messages to mark as "Spam". This ensures that your e-mails reach your customers' inbox - not their spam folder.

3. SSL Scanning: If you have an SSL certificate installed on your site for data encryption, we will scan that certificate to verify that it is not expired or otherwise out-of-compliance with web browser expectations. This prevents users from seeing warnings about data security when they visit your site.

Failure to keep up with and monitor any of these items can result in lost customers, abandoned visits to your website, and wasted marketing and website design efforts.

What is Application Scanning?

Application scanning will verify the applications you've installed on your website against known vulnerabilities. As application versions age (like Windows 2000 or WordPress 1.0), hackers will find ways to attack these programs. The publishers then update them with newer versions, which you need to upgrade to in order to stay safe. SiteLock verifies your version against catalogs of vulnerabilities to ensure you are running safe software on your site. If we discover a vulnerability in our testing, we report it to you immediately and can help you secure your site.

How does SiteLock protect my data?

SQL injection, is an extremely damaging attack in which hackers will attempt to access information stored in your database, such as customer data or user ID's and passwords. SQL stands for Structured Query Language and is the programming language understood by databases. By inserting commands from this programming language into fields on your website's input forms, hackers can gain access to the database records of vulnerable sites, stealing credit card data, passwords, e-mail addresses and any additional data available in the database.

SiteLock SQL injection scanning reviews all of the files and applications on your website to detect any injections that have been inserted in your website code. If we identify an infiltration, we will notify you immediately via email. Your SiteLock dashboard will show a list of infected pages, and our Expert Services team can help you repair your website.

SiteLock Trust Seal Installation

I am having trouble getting the SiteLock Security Certificate to display on my site.

First, we need to determine where you are installing your shield. Are you trying it on a page stored on your local computer or on a live web site?

If you are using a local computer for development, then you need to add http: before the several instances of '//shield.sitelock.com' in the code so that it looks like http://shield.sitelock.com. The original code should work on any live web site and any major browser, but you need to make the adjustment above to display it on your computer.

To show the SiteLock badge on your site, please log in to your dashboard - available from your web hosting control panel or by visiting sitelock.com. At the bottom of the dashboard is the badge section. Choose a badge format, save your preference, and then copy and paste the code into your site wherever you want the badge to display.

If you are using Weebly tool to create the website, then please follow the steps given below:

1. Log into the control panel, along with your account username and password.

2. Click on 'Weebly Drag and Drop Builder' under 'Website'.

3. Click on 'Edit My Site'.

4. Click on 'Elements'.

5. Drag 'Custom HTML' element to body of your website, where you wish to add custom HTML.

6. Click on 'Click to set custom HTML'.

7. Click on 'Edit Custom HTML'.

8. Enter the HTML code.

If you are using CM4all tool to create the website, then please follow the instructions given below:

1. Log into the control panel, along with your account username and password.

2. Click on 'CM4all'.

3. Click on 'Edit'.

4. Click on 'Settings'. Make sure that the check box 'Activate footer text' is enabled.

5. Click on the 'Edit Content' and then click on the Menu bar 'Edit,' select 'Edit footer'.

6. Here, you can paste the HTML code (SiteLock shield code) and apply for saving. Check the preview to verify it. If it is working then publish the website.

Please contact your Web Hosting Provider for further clarifications on using HTML code in CM4all.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see list here)