SiteLock API overview

Webpage Scan: SiteLock’s Webpage Scan examines the user’s website, externally crawling the site’s source code from the Internet up to the page limit of the specific plan. The scan seeks and reports on findings such as malicious code (for example, redirects or defacements), infected JavaScript code, and embedded referral links. The scan also checks all externally-pointing URLs found on the site against lists of known malicious and spam websites.

Vulnerability Scan: The SiteLock Vulnerability Scan is a collection of services that search for and report on specific website issues.

Cross-Site Scripting (XSS) Scan: This scan examines all JavaScript on the site, searching for any vulnerabilities in code that could potentially result in cross-site scripting attacks.

Structured Query Language Injections (SQLi): This scan tests site links for weaknesses in parameters used in URL queries, to prevent unauthorized access to sensitive or protected information stored in a site’s database services.

Platform Scan: The SiteLock Platform Scan examines popular Content Management Systems (such as WordPress, Joomla, or Drupal) for obsolete or out-of-date versions and known potential vulnerabilities in those platforms and their associated add-ons like plugins or themes.

Secure Sockets Layer (SSL) Scan: Validates the SSL certificate installed on the user’s site. This scan checks for valid domain and hostnames, a valid certificate authority and that the certificate is not expired.

Email Reputation Scan: SiteLock checks the user’s domain and origin IP address against current known email spam lists.

Domain Validation: SiteLock provides multiple methods for the user to validate that they actually own and are authorized to use the domain name for their site.

SMART: SiteLock’s SMART scan, after configuration by the user, downloads all files from the user’s website directories. Once fully synced, SMART scans program files (PHP, JavaScript and other scripts), Cascading Style Sheets (CSS), text and other potential sources. Malicious code found in these files is removed from the file and the cleaned file is uploaded back to the user’s live site.

SMART Patch: Patch scans the script files of popular content management system (CMS) applications such as WordPress, Joomla, Drupal and others. If unpatched vulnerabilities are found in these files, the user has the option to patch the files to eliminate these issues.

SMART Database Scan: SMART DB, once configured by the user, scans tables in the site’s backend MySQL databases, seeking any injected malware code, spam links and other vulnerabilities. The user has the option of cleaning the tables or removing any issues directly.

Firewall & CDN: The Firewall & CDN, once configured, intercepts all HTTP(S) client requests and dynamically blocks all illicit attempts to attack the target site. The Firewall & CDN blocks bots, backdoor access attempts, illegal resource access, and more. Based on the level of the product subscription, Firewall & CDN provides 2-Factor Authorization to specific URLs and mitigation against Distributed Denial of Service (DDoS) attacks. Firewall & CDN also includes TrueSpeed, a content delivery network (CDN) service that caches specific requests to the site and stores them geographically, permitting faster access to frequently-visited pages and resources on a website.

DNS: SiteLock DNS is a global domain name management platform with features like smart routing, load balancing and failover, DDoS protection, and IPv6 support.

Payment Card Industry (PCI) Compliance Scans: The SiteLock PCI scan provides services that assure that a site is compliant to industry standards for credit card transactions online. The scan assures all transactions are secure and protected from credential theft that could potentially lead to identity theft.

Virtual Private Network (VPN): SiteLocks VPN service provides secure tunneling for an individual’s web browsing. The VPN can be deployed and used on demand on personal computers and mobile devices using the SiteLock VPN app (available for Apple, Android and Windows devices).

SiteLock Security Awareness Training (SAT): SiteLock’s Security Awareness Training allows business owners and individuals to get current online training in all areas of information technology security. Topics include areas such as malware, phishing, recognition of spam and many other areas of concern.

Backup Files: SiteLock Backup Files connects to a remote server, then downloads and syncs website files to a SiteLock backup mirror system. Subsequent backup sessions sync with the remote site and perform incremental backups of new and modified files. Users may restore their files to their original locations, or package them into a ZIP file for downloading.

Backup Database: SiteLock Backup Database connects to a remote server and using the local database credentials, accesses the site’s MySQL database, creates a backup package of the database schema and stores it on SiteLock’s backup servers. Each Backup Database session performs a full schema backup. As with Backup Files, the database schema may be restored to the database or packaged in a ZIP file for downloading.