Website security has now become an important component of virtually any website. However, very few web masters actually take the initiative to secure their websites properly. Many people are under the impression that simply installing a couple of WordPress security plugins or configuring a SSL certificate would be enough, but that’s obviously not true.
Of course, it’s a good start, and it’s definitely a step in the right direction. But, you need to be a bit more careful. Hackers are becoming smarter by the minute, and you need to make sure that you harden your website properly. If you do not take a proactive approach towards the security of your website, you are going to face a series of problems.
Hackers are likely to gain access to your site and can wreak havoc. They can lock you out and demand a ransom, or they can embed malware in the core files of your website, which could ultimately affect performance and allow them to steal your data in the long run.
Many website owners are under the impression that they won’t become a target of hacks, and that’s simply not true. You need to make sure that you secure your website, because many hackers target websites with lax security protocols. To put things in perspective, the average cost of a breach in data was set at $1.3 million for enterprise owners in North America.
This number is only expected to grow, and it’s expected that by the end of the year, it’s going to cross the $150 million mark. The increase is massive, and it just shows you that hackers are becoming more and more active. Cybercriminals are able to make a considerable amount of money online.
In fact, if some reports are to be believed, a cyber criminal could easily take home up to $2 million in a year. Mid-level criminals net about $900,000, whereas low-level hackers are able to make upwards of $42,000. It’s significantly higher than anything an average graduate would make, so it’s easy to see that the incentive for hackers is right there.
A common misconception that many people have is that hackers only target websites owned by large enterprises. That’s absolutely not true; smaller websites are easier to hack, and require much less effort. As a result of that, they are able to make more money by hacking smaller websites.
Needless to say, website security is a serious problem, and you need to address it. Thankfully, you don’t need to be an expert when it comes to securing your website. There are now quite a few tools out there which will save you a great deal of time and money when it comes to securing your website.
You don’t need to run through long lines of code as well. In this review, we shall talk about SiteLock, which is an excellent utility that protects your website from all kinds of malicious attacks. Not only that, but the utility also searches for internal vulnerabilities that might lie in your content management system. If you are using a popular CMS like Drupal, WordPress, Joomla, or Prestashop, this is a great tool to use.
Now, without further ado, let’s get into the review!
SiteLock – A Brief Introduction
SiteLock was originally introduced as TrueShield. It started off in 2008 as a moonlighting project for the founders; Scott Lovell and Neill Feather. The two actually kept the project a complete secret for the first three years, because they didn’t want to end up losing their jobs.
Then, the two opened their first office in Scottsdale, Arizona. Their office was actually established in the game room of their sister company; Nextiva. But, like all good things, it didn’t take long for SiteLock to grow rapidly. What started as a small business of just two people has now blossomed, with more than 170 employees working at the company.
According to the company’s official statistics, they scan more than 6 million websites in a day. If you have heard of SiteLock, you might also know that they are renowned for their patented SMART scanning solution (we shall talk about this in the future).
When you visit their homepage, you will find a very clean interface that provides you with all of the information that you could need about the company. Here’s a look at the SiteLock homepage:
In addition to selling the utility directly on their website, the company has also made some astute licensing agreements with other companies, and that is one of the main reasons why SiteLock security is often bundled by various hosting providers.
Almost all of the EIG owned companies now provide SiteLock security, and even major companies like Hostgator bundle it into their packages. With more than a million WordPress customers, it’s obvious that SiteLock is doing something right.
Signing up to SiteLock is pretty easy; you can do it directly via their website, or you will receive a link from your web hosting company. It usually takes around 24 hours to install SiteLock on your website, which is fine, especially when you consider the standard of security that they offer.
If there’s an issue, you will receive a notification, which will be sent directly to your inbox. So, what are some of the main standout features of SiteLock? Here are a few.
This is how the dashboard looks when you login. The visitor stats chart shows you the number of visitors on your website on any particular day, and it also shows you the bot visitors as well as human ones. However, one of the best features of this dashboard is the security summary.
The security summary section will show you when your website was last scanned, and will also give you comprehensive details about the updates and scans on your website. You can also download a report for each individual scan that was carried out on your website, so if you are going to give the information to someone else for fixing security issues, this is a great idea.
Malware scanning is one of the best features of SiteLock, and it works like a breeze. When you run a malware scan, it’s going to check for all kinds of malware or malicious links, and will highlight them for you before it begins to remove them. You might already know that malware can cause a litany of issues for you, ranging from suspension from website hosting providers, having your website blacklisted, or your data being stolen.
In some cases, your website might become completely unusable due to malware. As soon as you click on the malware scan button on the dashboard, it’s going to take you to a separate page, where you will be able to see when the last malware scan was run on your website, the number of pages that were scanned, as well as the number of malware links that were found on your website. It’s also going to summarize everything to show you the status of your website at the moment.
It’s a pretty nifty tool to quickly run malware scans and figure out the health of your website.
This is a feature that I haven’t seen in many security solutions, so it definitely stands out for me. Basically, if you are going to accept payments online on your website, you need to be PCI compliant. The Payment Card Industry Data Security Standards are a set of standards that websites must adhere to if they want to continue receiving payments online.
Thanks to SiteLock, you can become compliant in just three steps. The company actually has a pretty handy guide that you can follow, starting with a questionnaire that you can find on their website. Then, you just need to add a compliant web application firewall (also provided by SiteLock), and that’s going to prevent harmful visitors to your website.
For ecommerce store owners, this is an absolute must. If you aren’t already PCI compliant, SiteLock can help you get stuff done with ease.
Now, a lot of website owners follow a number of steps in order to make their websites more secure and safe. However, they are not sure just how safe they are. Thankfully, with SiteLock, this is pretty easy, due to the Risk Score feature. The company basically came up with a proprietary risk assessment in order to determine just how exposed your website really is.
Your risk score could be low, medium, or high, depending upon the steps you have taken. A low score means that the chances of your website being compromised are akin to other websites that are similar to yours in the same niche. A medium score multiples this by a factor of 6, and a high risk score means that your website is almost 12 times more likely to get hacked.
I have to say, it’s always good to see how your score would be impacted depending upon the steps that you take. Here’s how the Risk Score page looks after conducting an assessment.
SiteLock Risk Score.
One of the standout features that has been touted with the company quite a bit is their SMART scanning tool. When you click on the SMART button on the website, it’s going to show you all of the malware issues that were found on your website and cleaned.
It’s going to run a scan of all the thousands of files that are on your server, and will produce a comprehensive report showing any file modifications that were made by the company, or if any particular changes were made. There’s also another feature that allows you to connect your website to the WordPress database, allowing you to run a deeper scan.
The last feature that I’d like to highlight is TrueShield, which gives you a list of all the stats associated with your web application firewall. You will get access to a wide range of information, including:
- Visitors by client
- Visitor statistics
- Cached data
- Cached requests
- Mapping your traffic
It’s a pretty intuitive interface that allows you to see everything from a seamless dashboard. Now that you know the main features of SiteLock and why it’s so popular, it’s time we talk about the pricing.
Before I talk about the pricing, it’s important to let you know that if you were to cancel any of your subscriptions, you will have to call them to do so. You can’t just cancel a subscription directly from the dashboard, so I’ll dock points for that.
But, as you can see, the company offers three distinct packages to its clients. The first one, SecureAlert, is ideal for people who run informational websites, and don’t need to worry about the security of their page. It’s the cheapest option available, starting from just $149.99, which makes it quite competitive when you consider that many other security providers usually begin around the $200 per year mark.
The SecureStarter, which is ideal for personal websites or SMB websites, is an excellent choice. It costs just around $25 per month if you pay yearly, and protects your website against bad bots, malware, and link injections. It also comes with the SMART scanner, and the Pro WAF feature. You also get 24/7 support.
Finally, there’s SecureSpeed, which is suitable for people who want to repair websites that were hacked in the future. It can also protect against infections in the future. The PRO WAF feature in this will be upgraded to a Premium WAF, which offers protection against data attacks and customizable traffic filtering.
It also comes with Emergency Hack Repair, so if your website is hacked and you want to get it back, this is the plan to choose. For business owners who are serious about website security hand have faced threats in the past, this is the way to go.
SiteLock is one of the best website security solutions out there, and it is priced quite competitively, making it an ideal choice for websites of all sizes.