SiteLock offers different types of scans to ensure the security of your website. The scans and analyses available to you depend on the type of subscription you have.
- Application scan - It looks for vulnerable or outdated applications installed on your web space, such as an outdated version of WordPress. This scan is performed once a month.
- Malware scan (Malware scan) - It performs a daily scan of your website in order to detect malicious software containing, for example, hidden links, hidden JavaScript commands, links to web pages known to contain malware, etc... The scan is done from the visitor's point of view, so it goes from the outside in.
- SMART scan (SMART scan) - Scans your website for malware and vulnerabilities from the inside out via FTP. SMART downloads your files and scans them for malware. If it finds malicious code, it removes the malware and uploads the cleaned file back to your server. A detailed description of how SMART works can be found in the SiteLock control panel.
- Spam scan (Scan for SPAM) - Scan SPAM databases and check if your domain is listed in any of them. If your domain is listed, this would indicate that someone has gained access to your email address.
- SQL injection scan (SQL injection scan) - Attempts to infiltrate your website by means of a SQL injection in your database. If SiteLock is able to alter your database, you will be informed about how and where SiteLock has gained access.
- SSL scan (SSL scan) - Check that your SSL certificate has been verified and is up to date.
- XSS scan (XSS scan) - Check if your website is vulnerable to cross-site scripting by attempting to infiltrate your website using cross-site scripting (XSS) techniques. This type of attack can be used to trick visitors into providing data to third parties.
- Advisories - It scans your website every month for problems with external redirects, cookies, etc. It also offers tips on how to improve security, such as using SSL encryption on pages where passwords are used or updating applications.
- Domain verification - Checks if you are the owner of the domain. This is done automatically when you register with SiteLock through One.com.
- WordPress AnalysisThis scan is only available if there is a WordPress installation on the web host. It checks for known vulnerabilities in the WordPress core, themes and plugins, and informs you if any are found. WordPress vulnerabilities are very easy to exploit, so we recommend that you act immediately if you receive an alert.
- Network scan - This scan is not available for SiteLock subscriptions through One.com. A network scan scans the ports that are open on a network. Since you are using our network, you are already protected by One.com's security measures.
