Security Report

The Security Report tab provides a detailed view of your website’s protection status, covering site health, login security, website security and available SiteLock cloud services.

Security Report Overview

The Security Report tab is divided into several panels:

  • Site Health — Displays the overall security status of your website.

  • Cloud Services — Lists SiteLock’s advanced protection features, which require account activation.

  • Login Security — Lists features to protect your WordPress admin login from unauthorized access.

  • Website Security — Lists features to help protect your WordPress site from common exploits and vulnerabilities.

  • Admin Monitoring Report — Provides a log of recent admin activity and changes.

  • Help — Lists SiteLock support contact details.

Admin user detection

The Admin User Detection feature prevents use of admin as a username to reduce attack risk. The Security Warning panel appears if an admin user is detected.

Admin User Detection

To close the Security Warning panel, click the X in the top-right corner.

To rename the admin user:

  1. Log in to your WordPress admin dashboard.

  2. Navigate to Users  All Users from the left sidebar.

  3. Locate the admin user and click Edit.

  4. Change the username to something unique and secure.

  5. Click Update User to save the changes.

Site Health

The Site Health panel shows the real-time status of your website’s security. It measures vulnerabilities, configuration issues and overall protection.

The following table describes the details and controls of the Site Health panel.

Element Description

Requires Activation

Your SiteLock account is not yet activated; health data is unavailable.

Analyzing

SiteLock is scanning your website to identify vulnerabilities.

Health Meter

Displays the overall risk level, and available risk levels are:

  • Grey — Unavalilable (no account)

  • No indicator — Analyzing (scan in progress)

  • Green — Healthy (secure)

  • Yellow — At Risk (warnings)

  • Orange — Impaired (potential issues)

  • Red — Compromised (issues found)

Activate Free Account

The button activates your free SiteLock account and starts protecting your site.

Compare Plans

The button opens a comparison of SiteLock plans and features.

Cloud Services

The Cloud Services panel lists advanced SiteLock features. Activation or upgrade may be required. To read more about each service, click Learn More.

The following table describes the details and controls of the Cloud Services panel.

Service Description

CMS Patching

Automatically applies patches to CMS vulnerabilities.

If you have a free SiteLock account, you can upgrade it by clicking Upgrade.

Email Reputation

Monitors and improves your domain’s email sending reputation.

Firewall/CDN

Provides a website firewall and content delivery network for speed and protection.

If you have a free SiteLock account, you can upgrade by clicking Upgrade.

Security Scanning

Includes malware, database, and file scans to detect threats.

Site Backup

Provides automated site backups with restore options.

If you have a free SiteLock account, you can upgrade by clicking Upgrade.

SSL Monitoring

Monitors your SSL certificates for validity and expiration.

Status

Shows the current status of each service, and available statuses are:

  • Requires Activation — Service is not active (if you don’t have an account).

  • Requires Upgrade — Service requires a paid plan; upgrade your account.

  • Awaiting first scan — Service is active; initial scan pending.

  • Not Enrolled — Service not enrolled.

  • Failed Billing — Billing issues preventing service.

After activation the free plan, the status may change to:

  • OK — No issues found.

  • Low Risk — Minor issues detected.

  • Issue Found — Significant issues detected.

  • Failed Scan — Scan could not complete.

  • Failed Backup — Backup process failed.

  • Over Quota — Backup storage limits reached.

  • Near Quota — Backup storage limits approaching.

  • Not set up — Service not configured.

  • Partially set up — Service partially configured.

Actions for no account

If you do not have a SiteLock account, the following actions are available:

  • Pick a Plan — The Pick a Plan button allows you to choose a paid SiteLock plan to access advanced cloud services. To activate specific services such as CMS Patching, Firewall/CDN, or Site Backup, you must select and purchase a suitable SiteLock plan. Once you have an active paid plan, these services can be activated and managed from the Cloud Services section.

  • Activate Free Account — The Activate Free Account button allows you to create and activate a free SiteLock account to start protecting your website with basic security features.

  • Get your license key now — The Get your license key now link helps you retrieve your SiteLock license key if you have already purchased a plan but do not have the key.[add the link]

Actions for free account after activation

If you have activated a free SiteLock account, the following actions are available:

  • Upgrade — The Upgrade button allows you to upgrade your free SiteLock account to a paid plan to access advanced cloud services such as CMS Patching, Firewall/CDN, and Site Backup. Clicking the Upgrade button will take you to the SiteLock website, where you can choose and purchase a suitable paid plan. Once you have an active paid plan, you can activate and manage these services from the Cloud Services section.

  • View Full Report — The View Full Report button opens a detailed security report for your website, providing insights into vulnerabilities, threats, and overall site health.

  • Download Full Report — The Download Full Report button allows you to download a full security report for your website in PDF format, which you can save and share as needed.

Login Security

The Login Security panel lists security features to help protect your WordPress admin login from unauthorized access and weak credentials.

All Login Security settings are free regardless of an account.

The following table describes the details and controls of the Login Security panel.

Element Description

Login Lockout

Blocks users after repeated failed login attempts.

Force Logouts

Automatically logs out users after a set time for better security.

Password Strength Enforcement

Requires users to create strong passwords.

Status

Shows whether each feature is activated or deactivated, and available statuses are:

  • Disabled — Indicates the feature is inactive.

  • Enabled — Indicates the feature is active.

Website Security

The Website Security panel lists features that help protect your WordPress site from common exploits and vulnerabilities.

All Website Security settings are free regardless of an account.

The following table describes the details and controls of the Website Security panel.

Element Description

Disable Directory Listing

Prevents attackers from browsing files in directories.

Deny Access to Unsafe Script Extensions

Blocks access to potentially dangerous script file types.

Basic XSS/SQLi Protection

Blocks basic cross-site scripting and SQL injection attempts.

Harden Writable Directories

Restricts write permissions on sensitive directories to prevent unauthorized changes.

View Settings

Opens the Website Security settings tab to configure options.

Status

Shows whether each feature is activated or deactivated, and available statuses are:

  • Disabled — Indicates the feature is inactive.

  • Enabled — Indicates the feature is active.

Help

The Help panel provides SiteLock support contact details.

The following table describes the contact methods available in the Help panel.

Contact Method Details

Toll Free

+1 (855) 378 6200

International

+1 (415) 390 2500

Support Portal

Submit a ticket through the SiteLock dashboard.