Defend your website

SiteLock protects your web investment, keeping you and your customers safe from hackers and other online threats.

Keep your site clean and secure.

Every time shoppers place an order, they’re trusting you to keep them safe from hackers who steal information or spread spyware and viruses. Deliver on that promise with SiteLock. It not only finds malware but the security gaps hackers use to break in.

Basic

$17.88/year

Great for a single website

  • Up to 25 pages on one website
  • Daily malware scan
Select Term:
1 Year $17.88/year
  • 1 Year $17.88/year
  • 2 Years $17.88/year
  • 3 Years $17.88/year
  • 5 Years $17.88/year

Professional

$47.88/year

Preferred by online businesses for its automatic malware removal.

  • Up to 100 pages on one website
  • One vulnerability scan
  • Daily malware scan
  • Automated malware removal
    Restrictions apply
  • File change monitoring
Select Term:
1 Year $47.88/year
  • 1 Year $47.88/year
  • 2 Years $47.88/year
  • 3 Years $47.88/year
  • 5 Years $47.88/year

Best Value

Premium

$83.88/year

Ideal for online businesses needing ongoing vulnerability scans.

  • Up to 500 pages on one website
  • Daily malware scan
  • Automated malware removal
    Restrictions apply
  • File change monitoring
  • Ongoing vulnerability scanning
Select Term:
1 Year $83.88/year
  • 1 Year $83.88/year
  • 2 Years $83.88/year
  • 3 Years $83.88/year
  • 5 Years $83.88/year

Meet Geoff and Kathleen.

It's a typical day for Geoff and Kathleen, with shoppers coming to their business websites in spurts. Hidden among the legitimate visitors is a hacker, who looks for and finds a way to break in.

Without SiteLock

The hacker plants malware on Geoff's site.
Geoff's customers begin to see offensive messages and leave in disgust, swearing never to return.
Some visitors are taken to a fake site, where they submit their bank information without suspecting a thing.
By the time Geoff notices something's wrong, customers are rioting on Twitter. It'll take months to undo the damage.

With SiteLock

The hacker plants malware on Kathleen's site.
SiteLock's daily scan discovers the malware, notifying Kathleen of where it took place. With her SiteLock Premium plan, the malware is removed automatically so Kathleen can stay focused on her business.
Kathleen’s customers continue to browse her site, safely and without interruption, as SiteLock keeps scanning in the background.
Kathleen gets back to business without any downtime. Her customers stay safe and her reputation stays golden.

Find. Fix. Prevent.

SiteLock scans your website to find malicious software (malware) before it can harm you or your customers. Hackers insert malware onto legitimate websites in order to steal customer passwords and credit card numbers, deface or destroy the website or use your server to launch attacks on other websites.

Daily scans root out bugs.

We notify you as soon as we find any of the following problems:

  • Search engine/Browser blacklisting
  • Spam blacklisting
  • Application vulnerabilities, including SQLi & XSS
  • Website malware and viruses
  • File changes and suspicious code
  • Bot visits
  • Suspicious or malicious traffic to your site
  • Backdoors left by hackers

Choose your plan

  • Basic$17.88/year
  • Up to 25 pages on one website
  • Daily malware scan
  • Learn More
  • Professional$47.88/year
  • Up to 100 pages on one website
  • Daily malware scan
  • Automated malware removal
  • File change monitoring
  • Learn More
  • Premium$83.88/year
  • Up to 500 pages on one website
  • Daily malware scan
  • Automated malware removal
  • Ongoing vulnerability scanning
  • Learn More

Our SMART tool takes out the trash.

Automatically removes malware and back-end files to keep your site from being disabled or blacklisted by search engines. (Professional and Premium plans)

Close the deal with our Trust Seal

Seventy percent of web visitors look for proof a site is secure before submitting personal data. Our Trust Seal shows customers they're safe on your website.

What you get with SiteLock.

  • Daily malware scan
  • Database protection
  • Automated attack blocking
  • SiteLock Trust Seal
  • Search engine blacklist monitoring
  • CAPTCHA security
  • Eliminates comment spam
  • Security alerts
  • Unlimited expert support
  • *Money-back guarantee

Top 10 Online Threats

The strategies hackers use to break into your site can be complicated but the results are usually pretty simple – lost revenue. Here are the 10 most common threats identified by the Open Web Application Security Project:

1. Injection.

It's not uncommon for web applications to have injection flaws, especially SQL injection flaws. A hacker who finds one will send malicious data as part of a command or query. The attacker's message tricks the app into changing data or executing a command it was not designed to obey.


2. Cross-site Scripting.

Cross-site Scripting flaws occur whenever an application sends user-supplied data to a web browser without validating it first. Hackers use these flaws to hijack users away from the site or deface it, thereby costing the site owner in lost business.


3. Insecure Direct Object References.

Applications that lack checks to verify a user is authorized to view particular content can be manipulated to access private data.


4. Broken Authentication.

When account credentials and session tokens aren't properly protected, hackers can assume users' identities online.


5. Cross-site Request Forgery (CSRF).

A CSRF attack tricks unknowing site visitors into submitting forged HTTP requests via image tags, XSS, or other techniques. If the user is logged in, the attack succeeds.


6. Security Misconfiguration.

Security misconfiguration flaws give hackers unauthorized access to system data via default accounts, unused pages, unpatched flaws, unprotected files and directories.


7. Insecure Cryptographic Storage.

Many web applications don't do enough to protect sensitive data such as credit card numbers, Social Security numbers and login credentials . Thieves may use this data for identity theft, credit card fraud or other crimes.


8. Failure to Restrict URL Access.

Often an app will protect sensitive interactions by not showing links or URLs to unauthorized users. Attackers use this weakness to access those URLs directly in order to carry out unauthorized actions.


9. Insufficient Transport Layer Protection.

Applications often fail to authenticate, encrypt and protect the confidentiality of network traffic. Some use weak algorithms, expired or invalid certificates or use them incorrectly. This allows hackers to "eavesdrop" on online exchanges. An SSL Certificate typically neutralizes this threat.


10. Invalidated Redirects & Forwards.

Web applications often redirect or forward legitimate users to other pages and websites, using insecure data to determine the destination. Attackers use this weakness to redirect victims to phishing or malware sites, or use forwards to open private pages.

Choose your plan

  • Basic$17.88/year
  • Up to 25 pages on one website
  • Daily malware scan
  • Learn More
  • Professional$47.88/year
  • Up to 100 pages on one website
  • Daily malware scan
  • Automated malware removal
  • File change monitoring
  • Learn More
  • Premium$83.88/year
  • Up to 500 pages on one website
  • Daily malware scan
  • Automated malware removal
  • Ongoing vulnerability scanning
  • Learn More
  • Security alerts
  • SiteLock Trust Seal
  • Search engine blacklist monitoring

Third-party logos and marks are registered trademarks of their respective owners. All rights reserved.
Advanced support available in English only.

malware scanner