SiteLock offers different scans to ensure that your site is secure. Which scans are available to you, depends on the subscription type you have.
- Application scan - Looks for outdated or vulnerable applications installed on your web space, like for example an outdated version of WordPress. This scan is done once a month.
- SMART scan - Scans your website for malware and vulnerabilities from the inside out via FTP. SMART downloads your files and scans them for malware. If malicious code is found, the malware is removed and the cleaned file uploaded back to your server. A detailed description on how SMART works is available in the SiteLock Dashboard.
- Spam scan - Runs your domain against leading spam databases to check if your domain is listed as a spammer. If your domain is listed, this could indicate that someone has gained access to your email address.
- SQL injection scan - Tries to penetrate your site with SQL injection in your database. If SiteLock is able to alter your database, you will be informed about how and where SiteLock gained access.
- SSL scan - Checks if your SSL certificate is verified and up-to-date.
- XSS scan - Checks if your website is vulnerable for cross-site scripting by trying to penetrate your site with cross-scripting techniques. Cross-site scripting can be used to trick visitors into providing data to third parties.
- Advisories - Checks your site every month for issues with external redirects, cookies, etc. Also gives tips on how to improve security, like for example using SSL encryption on password pages or upgrading applications.
- Domain verification - Checks if you are the owner of the domain. This is done automatically for you when you sign up for SiteLock through One.com.
- Network scan - This scan is not available on SiteLock subscriptions through One.com. A network scan checks what ports on a network are open. Since you are using our network, you are already protected via One.com's security measures.