Security Scans

Security scans look for specific threats like malware, vulnerabilities, infections, and spam.

This page explains the on-screen reports that are produced by the various scans SiteLock performs while checking your site for vulnerabilities and threats.

Webpage Scan

Webpage Scan crawls the public content of the website to identify malware.

Key features

Malware detection
Malware links detection

Scan Results

Displays detected malware, including:

Name	Description
URL	The web resource that contains malware.
Type	Indicates whether the malware was found in the page code (Page) or in a link on the page (Link). Page means a malware code fragment was detected in the page code. Link means the page has a malware link, that is, it’s linking to a malware site, such as a phishing or malicious domain.
Category	The broader category under which the malware falls.
Severity	The level of threat posed by the malware.
Found By	The threat intelligence database used to detect the malware.

Name

Description

URL

The web resource that contains malware.

Type

Indicates whether the malware was found in the page code (Page) or in a link on the page (Link).

Page means a malware code fragment was detected in the page code.
Link means the page has a malware link, that is, it’s linking to a malware site, such as a phishing or malicious domain.

Scan Detail	Description
Scan Date	The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).
Status	Indicates the current scan status: Good or Issues Found.
Last Good Scan	The last date the website was free from malware.
Pages Scanned	The number of pages scanned.
Malware Found	The number of malware items detected.
Links Checked	The number of links found on the website.
Malware Links	The number of malicious links detected.
External databases	The threat intelligence databases used in the scan: SiteLock, Google, PhishTank, Anti-Virus Blacklist.

Vulnerability Scan

Vulnerability Scan detects vulnerabilities in plugins and the CMS itself, including Cross-Site-Scripting (XSS), and SQL Injection vulnerabilities. NOTE: Currently, Platform Scan detects vulnerabilities only for WordPress and Joomla.

Key features

Detection of vulnerabilities in supported platforms

Scan Summary

Displays the latest Vulnerability Scan details, including:

Scan Detail	Description
Scan Date	The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).
Status	Indicates the current scan status: Good or Issues Found.
Platform vulnerabilities found	The number of platform (CMS) vulnerabilities detected.
XSS pages scanned	The number of pages scanned for XSS vulnerabilities.
XSS issues found	The number of XSS vulnerabilities detected.
SQL injection pages scanned	The number of pages scanned for SQL injection vulnerabilities.
SQL injection issues found	The number of SQL injection vulnerabilities detected.

Scan Detail

Description

Scan Date

The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).

Status

Indicates the current scan status: Good or Issues Found.

Platform vulnerabilities found

The number of platform (CMS) vulnerabilities detected.

XSS pages scanned

The number of pages scanned for XSS vulnerabilities.

XSS issues found

The number of XSS vulnerabilities detected.

SQL injection pages scanned

The number of pages scanned for SQL injection vulnerabilities.

SQL injection issues found

The number of SQL injection vulnerabilities detected.

Platform Tab

The platform tab provides a detailed view of the website’s platform. This tab displays information about vulnerabilities detected on the platform, each one classified according to its type and severity. Each identified vulnerability includes details about its potential impact and recommended mitigation steps.

SQL injection Tab

Displays a list of URLs that have been tested for SQL injection vulnerabilities and marked as either OK or susceptible. An SQL injection is a critical security vulnerability that could allow attackers to manipulate the database and website, leading to data theft, data modification, or even data loss.

XSS Tab

Displays a list of URLs that have been tested for cross-site scripting (XSS) vulnerabilities and marked as either OK or susceptible. XSS is a severe security vulnerability that may enable attackers to inject harmful scripts into webpages, potentially leading to user data theft, session hijacking, defacement of the website, or even distribution of malware to site’s visitors.

SMART File Scan

SMART File Scan identifies and remediates malware infections within the filesystem for any website that supports SFTP/FTP/FTPS. By default, this page will display the latest scan data.

Key features

Malware detection and remediation
Easily viewable and searchable scan history

Scan Summary

Displays the latest scan details, including:

Scan Detail	Description
Scan Date	The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).
Status	Indicates the current scan status: Good or Issues Found.
Files Scanned	The last date the website was free from malware.
Files Added by Customer	The number of files added by the customer since the last scan. If any changes are detected, there will be a View Files link that displays the differences.
Files Modified by Customer	The number of files modified by the customer since the last scan. If any changes are detected, there will be a View Files link that displays the differences.
Files Delisted by Customer	The number of files delisted (deleted by the customer) since the last scan. If any changes are detected, there will be a View Files link that displays the differences.
Malicious files cleaned	The number of malicious files cleaned.
Malicious files found	The number of malicious files detected, but not remediated.
Suspicious files found	The number of suspicious files detected.
Files Under Review	The number of files currently being reviewed by the SiteLock Research Department.

Scan Detail

Description

Scan Date

The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).

Status

Indicates the current scan status: Good or Issues Found.

Files Scanned

The last date the website was free from malware.

Files Added by Customer

The number of files added by the customer since the last scan. If any changes are detected, there will be a View Files link that displays the differences.

Files Modified by Customer

The number of files modified by the customer since the last scan. If any changes are detected, there will be a View Files link that displays the differences.

Files Delisted by Customer

The number of files delisted (deleted by the customer) since the last scan. If any changes are detected, there will be a View Files link that displays the differences.

Malicious files cleaned

The number of malicious files cleaned.

Malicious files found

The number of malicious files detected, but not remediated.

Suspicious files found

The number of suspicious files detected.

Files Under Review

The number of files currently being reviewed by the SiteLock Research Department.

Scan Results

Displays the latest scan results, including:

Scan result	Description
Malicious Files Tab	Displays the results of found and cleaned malicious files. If any files remain uncleaned, a Clean All button will appear, allowing the user to trigger a scan that cleans these files. This option is usually available when a scan runs in warn-only mode or if a previous issue prevented SMART File Scan from remediating the files.
Suspicious Files Tab	Displays the results of files that are currently being reviewed by SiteLock’s research department for further analysis.
Review Tab	Displays the results of files that are currently being reviewed by SiteLock’s research department for further analysis.

Scan result

Description

Malicious Files Tab

Displays the results of found and cleaned malicious files. If any files remain uncleaned, a Clean All button will appear, allowing the user to trigger a scan that cleans these files. This option is usually available when a scan runs in warn-only mode or if a previous issue prevented SMART File Scan from remediating the files.

Suspicious Files Tab

Displays the results of files that are currently being reviewed by SiteLock’s research department for further analysis.

Review Tab

Displays the results of files that are currently being reviewed by SiteLock’s research department for further analysis.

SMART Database Scan

SMART Database Scan detects and remediates malware, spam links, and spam code in WordPress, Joomla, or any other CMS that’s using MySQL as its storage layer.

Key features

Manually clean malware within a record or delete the entire record containing threats, using selectable action options
Malware and Spam detection and remediation
Rollback functionality (for the last scan only)
Platform support: Supports WordPress and Joomla for automatic credential configuration and optionally manual configuration for MySQL databases (for non-WordPress or Joomla sites)

Scan Summary Tab

Displays the latest scan details, including:

Scan Detail	Description
Scan Date	The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).
Status	Indicates the current scan status: Good or Issues Found.
Tables Scanned	The number of tables scanned in the website’s database.
Malware Found	The number of malware items detected.
Malware Fixed	The number of malware items fixed.
Spam Links Found	The number of spam links identified.
Spam Links Fixed	The number of spam links removed.
Spam Code Found	The number of spam code items detected.
Spam Code Fixed	The number of spam code items resolved.

Scan Detail

Description

Scan Date

The latest scan date and time is shown in the summary tab in Central Time Zone (UTC-6).

Status

Indicates the current scan status: Good or Issues Found.

Tables Scanned

The number of tables scanned in the website’s database.

Malware Found

The number of malware items detected.

Malware Fixed

The number of malware items fixed.

Spam Links Found

The number of spam links identified.

Spam Links Fixed

The number of spam links removed.

Spam Code Found

The number of spam code items detected.

Spam Code Fixed

The number of spam code items resolved.

Found Tab

Address All Issues

These steps are only required if SMART Database Scan is set to warn only instead of automatically fixing issues.

To remediate or delete all issues at once, select Clean all records or Delete all records with threats, then click Clean Table.

Clean: Remediate the issue while leaving behind legitimate content (recommended).
Delete: Deletes the entire post that contained the threat (permanent and cannot be undone).

Fixed Tab

This tab displays all fixed issues.

Manage Individual Detections

To manage specific threats individually, follow these steps:

In the row for that threat, click View.
Select one of the following options:
- Clean: Click the spray bottle icon to remediate the issue while leaving behind legitimate content.
- Delete: Click the trash-bin icon to delete the post containing issue.
- Ignore: Select the checkbox icon to ignore the issue.

View Threat Details

For more information about a detected threat, click View Threat. This will provide detailed information about the threat in a safe-to-view manner.

Finalizing Selection

After making the desired selections, two options are presented to finalize the actions:

Save Action: Applies all selected actions on the next scan.
Apply Action: Applies the actions now.