Getting Started with SiteLock

Ray PenalosaSiteLock is a security service that provides malware detection and protection from malicious attacks against your website.

SiteLock’s default scanning features include Network, Malware, SQL Injection, and Application scanning to identify malicious files or scripts.  SiteLock will also identify any potential weaknesses and exploits that your site may have.

Getting started with SiteLock may seem like a daunting task, but as with any new product, you will benefit from taking the time to get familiar with SiteLock. You can access the SiteLock dashboard from the Services section of the Everleap Control Panel.

Once you are in the SiteLock dashboard, go to “Settings/Scan Settings” and set the “Application Scan frequency” to Daily.  While you are in the Settings menu, click on “Scan Notification” and confirm that Security Alerts are checked. Don’t worry if you don’t recognize the email address. That is an automatically generated email address that will forward security alerts and warnings to the primary email address on file with your Everleap account.

Comprehensive Scanning

SMART Scan (Secure Malware Alert & Removal Tool) is a scanning tool that is available with SiteLock Premium or SiteLock Enterprise.  An extremely comprehensive scanning tool, SMART scan will access all of the files and folders within your site.  It will scan your files directly, and identify any malicious files or lines of code.

By default, SMART scan will not be configured to connect to your root directory of your site. To set this up, follow these steps:

smartscan

After you’ve finished setting up SMART scan, you will need to decide what SMART scan will do once it find malicious files or scripts in your site.

Click “SMART Settings.”  I suggest you choose to remove the malicious code automatically, otherwise it will simply warn you.  I also suggest setting the scanning frequency to Daily, to ensure that SMART Scan runs every day.  SMART Scan will run only once a day.

SMART SCAN Manage Exclusions

Depending on the plan you choose, SiteLock may have a limit on the number of files it will scan.  The Basic Plan will scan 25 pages.  The Premium plan will scan up to 500 pages, while the Enterprise plan will scan up to 2500 pages.  (More information on different SiteLock service plans.)

SiteLock’s scanner will go through the root of your site and randomly choose which of the files to scan.  Since file selection is random, and since your plan may not cover the actual number of files in your site, it is possible that the scanner may miss an infected or malicious file during a particular run. In our testing all malicious files were detected after two or three passes of the scanner.

SMART Scan has a feature that will exclude certain files or folders from being scanned. This will help ensure the likelihood that malicious files will be found on the first scan.

Exclusion rules are set up under the “Manage Exclusions” link on the “SMART Settings” tab.  There are two ways to set up an exclusion rule, either by extension type or by subfolders.  Before you can run the exclusion rule, you’ll first need to allow SMART Scan to run at least once on your system.  This will help SMART Scan determine which extensions and subfolders exist on your account.

Certain subfolders maybe good to exclude from SMART Scan such as Bin, ASPNet_Data, ASPNet_Client, or _Database.  These are default ASP.Net folders with inherent security settings, so by default they are already secure.  Certain extensions such as .config are commonly safe.  Keep in mind that every web application is different, and ultimately you will be the best judge of which folders and extensions should be excluded from the SMART Scan on your site.

Trueshield CDN Plans

Finally I want to mention that all SiteLock plans include the Basic CDN (Content Delivery Network) service.  The CDN service will provide global content caching to speed up delivery of your site, security alerts, comment spam blocking, and site scraper bot blocking.  If you use SSL on your site and want to use the CDN service, you will need to upgrade your SiteLock plan to either Premium or Enterprise.

The Enterprise level CDN provides a web-based firewall capability which can help prevent SQL Injection and Cross-site scripting (XSS) exploits, as well as a lot of other things.  Setting up the advanced CDN tools is something we’ll talk about in another blog post.


No responses yet

Leave a Reply