- I just registered my website and my network scan shows "No information available". Why?
- What is SMART and how do you set it up?
- My network scan shows a lot of vulnerabilities. I thought my site was safe. How can I fix this?
- The malware scan came back with results for my site. What does this mean? How can I fix it?
- The email scan came back with results for my site. What does this mean? How can I fix it?
- My SSL scan failed. How can I fix this?
- SiteLock has completed the scan of my site, but the number of pages is less than I expected. What happened?
- I recently signed up for SiteLock and noticed that we are getting some empty submissions from some of the forms on our web site (Contact us, etc.). Why?
- I need to remove/modify a user.
- I own several websites. What do I need to protect them?
- My business contains multiple domains or websites. How can I monitor them all?
- What is Malware?
- How does SiteLock protect my online reputation?
- What is Application Scanning?
- How does SiteLock protect my data?
- I am having trouble getting the SiteLock Security Certificate to display on my site.
We are currently in the process of scanning your website, servers, and other hardware for vulnerabilities. This initial scan can take up to 24 hours. Please check back throughout the day. If you are still seeing this message after 24 hours, please contact support.
SiteLock’s SMART, or Secure Malware Alert & Removal Tool, performs deep internal website scans that will tell you when any file on your website changes, giving you full visibility to all activity on your site. If malware is detected, SMART can automatically remove it so that your website maintains a safe and secure environment for our visitors.
This comprehensive scan performs daily inside-out, as well as outside-in, checks of your website that go beyond most surface scans. SMART is included in Professional, Premium and Enterprise.
To configure SMART:
1. Log into the SiteLock Dashboard (https://secure.sitelock.com)
2. Once in the dashboard, select site from the dropdown
3. Click the "Settings" link in the top menu next to the SiteLock logo.
4. On the "Settings" page, click the "SMART Settings" tab.
5. Enter your site's FTP address into the field labeled "FTP host address" (this information can be found in the Control Panel).
6. Enter your FTP username for this site into the "User ID" field.
7. Enter your site's FTP password into the "Password" field.
8. Select "Yes, remove malicious code automatically" from the "Automatically remove malware" dropdown box.
9. Select "Normal (1 connection)" from the "Select a speed for FTP file downloads" dropdown box.
10. Leave the "Root Directory" field blank.
11. Leave the "(S)FTP Port number" field blank.
12. Leave the "Maximum Download Time for your website data synchronization" dropdown box in the default position (30 minutes/day).
13. Select how frequently you want the scan to run from the "Scan Frequency" dropdown.
14. Click the "Submit" button.
15. When the box pops up asking if you want to run the scan now, click "Yes". Your scan will be queued and you can check the results of the scan in the SiteLock dashboard.
You have several options to remediate network vulnerabilities. When you open the detail section, you will see a list of all open ports. If you believe that we have identified these ports in error, click the "Report False Positive" link at the top of the box. The resulting page will allow you to mark any ports as false positive, or mark lower priority ports, to ignore them. You can also take advantage of our Expert Services team, who can help you resolve security issues.
The malware scan will notify you of any pages or links on your site that have been listed as distributors of malware (viruses, spyware, identity theft scams, etc.). If you are on these lists, many browsers and search engines will 'black-list' your site, meaning Internet users will not be able to see it in search results and it will be flagged if they navigate to your site. To get your site cleaned up and off of these lists, remove offending links and clean your website to make sure there are no viruses or spyware present. Another option is to let us help you. SiteLock offers its Expert Services to help you remediate these issues. If you believe your site has been listed in error, click the "Report False Positive" link at the top of the box and you'll be taken to a page with instructions to initiate the process of getting your site removed from the malware list.
The email scan will notify you if your website or servers are sending or referenced in spam emails. If you are identified on these lists, many email programs will ignore or classify emails from your site as spam. This means your customers and users will not get email from you in many cases. To get your site off these lists and re-open communication with your customers, you must get off of these email 'blacklists'.
If your business requires SSL encryption of data, you need an up-to-date certificate to ensure that your customers' data is safe. The SSL scan will show as failed if your certificate is out of date. You need to renew your certificate with your SSL provider.
There are two possible explanations. First, check the limits of the package you have purchased. Certain limits apply to our packages. If that is not the reason, it may be that our "spider" cannot find all of the pages on your site. In many cases, this can occur if there are portions of your site not linked in some way to your home page. Since our spider works primarily by "crawling" from link to link on your site, unlinked pages are sometimes missed. To help us get a more comprehensive scan, you can place a "sitemap" file on your site, which will tell our spider where to look. For details on how to create this file, please visit http://www.sitemaps.org
SiteLock probes your site to determine if fields and forms on your site are vulnerable to attempts by hackers looking to exploit these forms to gain access to your data. This will result in attempts to submit forms on your website with encoded data.
If you wish to stop receiving these e-mail's or entries, you may want to do some validation on the fields within your form to ensure that data is being submitted in the correct formats before triggering e-mail's or database inputs. Since we insert data that would not likely be valid for any fields on your site, these validation measures should stop you from getting these empty e-mail's or entries. It's also good coding and security practice to make sure your site's visitors are providing the correct data in the expected formats. If you need help with form validation, contact our Support team.
Click the 'Users' link at the top of the page. There you will see an 'Add Users' button. Fill in the information presented and the new user will have access to the site.
Click the 'Users' link on the top of the page. Next to each user's ID are modify and remove buttons. Click on the appropriate button to perform the desired action.
SiteLock is sold as a subscription per domain. You would purchase a separate subscription for each website that you would want to protect.
Click the "Sites" link at the top of the page. There you can choose to add a site and enter the required information. The information will be displayed alongside your current site information in the dashboard.
Malware, short for malicious software, can be installed on your website by hackers who are able to find weaknesses on your web server. A typical website may have thousands of potential vulnerabilities for malware injection.
Once placed on a website, malware can then be used to spread viruses, steal personal or financial data, and even hijack computers. It is not easily detected and may infect your customers' computers after they visit your website. Ultimately, this negatively affects your business reputation and can result in lost business.
SiteLock's patent-pending 360-degree scan helps you make sure your website and communications are reaching your visitors as intended in three key ways:
1. Malware blacklist monitoring: We monitor search engine and proprietary lists of sites reported as malware to make sure visitors arrive at your site, not a "Red Screen" warning from their browser or search engine
2. E-mail spam blacklist monitoring: We compare your e-mail address, domain name, and e-mail server to industry and proprietary lists used by popular e-mail programs to identify which messages to mark as "Spam". This ensures that your e-mails reach your customers' inbox - not their spam folder.
3. SSL Scanning: If you have an SSL certificate installed on your site for data encryption, we will scan that certificate to verify that it is not expired or otherwise out-of-compliance with web browser expectations. This prevents users from seeing warnings about data security when they visit your site.
Failure to keep up with and monitor any of these items can result in lost customers, abandoned visits to your website, and wasted marketing and website design efforts.
Application scanning will verify the applications you've installed on your website against known vulnerabilities. As application versions age (like Windows 2000 or WordPress 1.0), hackers will find ways to attack these programs. The publishers then update them with newer versions, which you need to upgrade to in order to stay safe. SiteLock verifies your version against catalogs of vulnerabilities to ensure you are running safe software on your site. If we discover a vulnerability in our testing, we report it to you immediately and can help you secure your site.
SQL injection, is an extremely damaging attack in which hackers will attempt to access information stored in your database, such as customer data or user ID's and passwords. SQL stands for Structured Query Language and is the programming language understood by databases. By inserting commands from this programming language into fields on your website's input forms, hackers can gain access to the database records of vulnerable sites, stealing credit card data, passwords, e-mail addresses and any additional data available in the database.
SiteLock SQL injection scanning reviews all of the files and applications on your website to detect any injections that have been inserted in your website code. If we identify an infiltration, we will notify you immediately via email. Your SiteLock dashboard will show a list of infected pages, and our Expert Services team can help you repair your website.
SiteLock Trust Seal Installation
First, we need to determine where you are installing your shield. Are you trying it on a page stored on your local computer or on a live web site?
If you are using a local computer for development, then you need to add http: before the several instances of '//shield.sitelock.com' in the code so that it looks like http://shield.sitelock.com. The original code should work on any live web site and any major browser, but you need to make the adjustment above to display it on your computer.
To show the SiteLock badge on your site, please log in to your dashboard - available from your web hosting control panel or by visiting sitelock.com. At the bottom of the dashboard is the badge section. Choose a badge format, save your preference, and then copy and paste the code into your site wherever you want the badge to display.
If you are using Weebly tool to create the website, then please follow the steps given below:
1. Log into the control panel, along with your account username and password.
2. Click on 'Weebly Drag and Drop Builder' under 'Website'.
3. Click on 'Edit My Site'.
4. Click on 'Elements'.
5. Drag 'Custom HTML' element to body of your website, where you wish to add custom HTML.
6. Click on 'Click to set custom HTML'.
7. Click on 'Edit Custom HTML'.
8. Enter the HTML code.
If you are using CM4all tool to create the website, then please follow the instructions given below:
1. Log into the control panel, along with your account username and password.
2. Click on 'CM4all'.
3. Click on 'Edit'.
4. Click on 'Settings'. Make sure that the check box 'Activate footer text' is enabled.
5. Click on the 'Edit Content' and then click on the Menu bar 'Edit,' select 'Edit footer'.
6. Here, you can paste the HTML code (SiteLock shield code) and apply for saving. Check the preview to verify it. If it is working then publish the website.
Please contact your Web Hosting Provider for further clarifications on using HTML code in CM4all.
If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see list here)