1and1 Help Centre Categories

print article

What is 1&1 SiteLock?

With 1&1 SiteLock, you can actively protect the content of your website from malware (malicious software), unauthorised access and other hacker threats. 1&1 SiteLock is offered in both the Basic and Premium versions.

The Premium version will scan up to 500 subpages of your website and performs in-depth analyses to find security holes in your network.

When monitoring mode is activated, you will automatically receive an e-mail as soon as SiteLock detects a potential threat in the scripts/content on your webspace.

1&1 SiteLock offers you the following scanning and monitoring functions to protect your pages:

  • Website Application Scan: 1&1 SiteLock provides information about security holes in the web applications used, such as Drupal, Joomla, Wordpress and PHP Nuke. The scan also checks to see if any new updates or security patches are available for your web application.
  • SQL Injection Scan:1&1 SiteLock performs an SQL injection scan and tries to detect risks based on access to the database via script applications. This scan identifies loading of external database commands, data theft and other external access to the database.
  • Cross-Site Scripting (XSS) Scan:In cross-site scripting (XSS), attackers take advantage of the lack of input and output checks in the scripts. For example, the attacker can manipulate a user profile with stolen login data by adding script code. In this case, visitors are not only redirected to external websites but Keyloggers, Trojans or other malicious software are often loaded in the background. 1&1 SiteLock detects potential security holes in this area and informs you of them.
  • Malware Scan: 1&1 SiteLock detects malware (malicious software) such as external redirects, hidden links or links to known malware sites so you can protect your website's visitors from viruses on their computers.
  • Search Engine Blacklist Monitoring:Search engines such as Google maintain their own blacklists. Websites are added to this blacklist if a virus or similar malware is loaded in the background when they are accessed. If visitors have blacklist filtering activated in their browsers, a warning page, for example from Google, will appear when they try to visit the website. The actual website (and the malware linked to it) are not loaded in this process.
  • SSL Verification: 1&1 SiteLock verifies the existence of SSL certificates and checks whether they are compatible with the requirements of the web browser. This will prevent a warning message about data security from appearing when visitors access the site, which would give them the false impression that the site is not secure.
  • File Change Monitoring: 1&1 SiteLock monitors whether changes have been made to files since the last scan simplifying the process for you to find out whether unwanted changes have been made.

You also have the option of integrating a security certificate with the SiteLock seal into your website after successfully passing a security scan. The seal shows the date of the last scan your site passed.