When signing up for Bluehost, you are asked if you want the SiteLock Security add-on for your website. It’s a site security tool that scans your website for malware and vulnerabilities to prevent it from getting hacked.
BUT what the heck is it exactly? And is it worth forking over your hard-earned cash?
Bluehost doesn’t offer a lot of information about this add-on on their website other than a basic FAQ page.
Cybersecurity is something you need to consider when starting an online business.
The global cost of cybercrime is estimated to be $10.5 trillion by 2025. There have been many times when companies have shut down after getting hacked.
SiteLock is supposed to scan for vulnerabilities and keep your website secure. But does it really do anything?
Reddit is a great place to learn more about Bluehost. Here are a few Reddit posts that I think you’ll find interesting. Check them out and join the discussion!
In this article, I will go over what it is, what it includes, and of course, if it’s worth your money:
What is SiteLock Security?
SiteLock Security is a suite of security tools that help keep your website secure.
SiteLock Security isn’t a proprietary tool created by Bluehost. They are a 3rd party vendor.
Bluehost offers this service as a premium add-on to their web hosting service at a discounted price.
SiteLock offers over a dozen tools to keep your website safe and secure. This includes tools for malware scanning, PCI Compliance, and vulnerability scanning.
It is highly recommended for anyone who doesn’t have a lot of experience running a website. Many websites get hacked and the owners never find out.
Hackers can inject your site with malicious code, which can harm your reputation and cost you a lot of money. SiteLock will not only notify you if your website gets hacked but it will also help you clean it up.
SiteLock scans all aspects of your website for potential malware. It not only scans your website’s files but also your website’s database.
And the best part is that it also scans for SPAM links and SPAM code. Having SPAM code on your website can not only ruin your reputation but can also result in getting completely dropped from search engines like Google.
SiteLock is one of the four add-ons Bluehost offers. Another one worth looking into is SEO Tools.
You also might want to check out our review of the Microsoft 365 Mailbox that comes with Bluehost.
Bluehost asks you if you want this add-on at the end of their checkout page:
It costs about $2.99 per month. Given the already affordable Bluehost pricing plans, it doesn’t seem that expensive if you take into account all the great features it includes.
Now that you know what SiteLock is, let’s talk about its features:
What is included in SiteLock Security?
SiteLock Security is a suite of tools that can save you from the headaches that come from getting hacked.
Without an active scanning tool like SiteLock, your website can get hacked without you ever finding out.
Here are some of the amazing features that are included in SiteLock Security:
Your website’s code could have security vulnerabilities that you are unaware of.
A lot of big companies spend millions of dollars every year on hiring penetration testers to find vulnerabilities in their code.
SiteLock’s Vulnerability scanner scans your website for many sorts of vulnerabilities including SQL Injection and Cross-Site Scripting.
These vulnerabilities can allow a hacker to steal the details (including credit card information) of your website’s users, or even take over your entire website.
SQL Injection vulnerabilities can allow a hacker to download your entire database. It can also allow a hacker to add malicious code to your website or learn your administrator credentials.
SiteLock also scans for vulnerabilities that occur when your website’s server is using old software. It alerts you if it finds that you’re using a vulnerable version of PHP, MySQL, or Operating System.
Malware Scanning and Removal
Hackers can install Malware (viruses) on your website which allows them to do whatever they want with it.
A website with malware might redirect all users to a spam website. These malwares can be so sophisticated that you as the owner may never see them.
Malware can not only destroy your reputation but can also result in losing search engine rankings.
Fortunately, SiteLock scans for malware automatically and offers many tools to help remove them automatically.
It scans all the pages on your website to find malware before it hurts you or your users:
It also checks all the links on your website to see if your website is linking out to a Malware-infected website.
SiteLock’s SMART Scan features go through all the files on your website’s server and scan them automatically.
BUT that’s not its best feature.
Its best feature is that it keeps track of all the NEW files that were added to your website on any given day.
This feature can help you detect if there are changes being made on your website that you are not responsible for.
This can indicate that your website has been compromised, especially if you see that any malware was found and removed.
It also shows you if any files were deleted. This way if a hacker takes over your website and deletes some files, you will be in the know right away. You can then reload a backup of your website to restore the deleted files.
This feature scans your website’s database for malware. Malware can be hidden in your website’s database where it’s only visible to your website’s visitors.
SMART/Database Scan scans your databases for not just malware but also for SPAM links and SPAM code. Not only that, it also fixes these issues automatically as soon as they are found.
Even popular CMS systems like WordPress, Drupal, and Jumla have security vulnerabilities sometimes.
These vulnerabilities are patched as soon as they are discovered. But when they are discovered, hackers also become aware of them.
If your site’s using an older version of WordPress that has a vulnerability, it gives hackers an opportunity to compromise your website.
SMART/Patch scans and patches old versions of CMS software you might be using on your website.
So, even if for some reason you forgot to update your WordPress site, SMART/Patch will alert you. It will even try to patch the vulnerability automatically if it can.
Is SiteLock Security Worth It?
Thousands of websites get hacked every month. And this number keeps on rising every year.
If your website gets hacked, you might lose all the hard work you have put into building it. And if you have paid someone to build it, say goodbye to all the money you paid!
The worst part about your website getting hacked is that you lose all the trust you have built with your customers.
Not only that, if Google finds that your website has been hacked and is hosting malware or spam links, it will drop your site like a stone. And it will take you well over a year to fully recover.
Some hacked websites never recover. Like these companies that got hacked and went bankrupt.
Are you scared yet?
Although nothing beats keeping regular backups of your website, there is a place for tools like SiteLock that scan your website on regular intervals.
SiteLock is designed to find and clean malware from your website before it becomes a problem.
It also scans for vulnerabilities in your code such as XSS and SQL Injections.
SiteLock is for you if you…
- have little to no experience building and maintaining websites
- have no idea how web servers work
- you want a little extra peace of mind knowing that your website is constantly scanned for malware, spam links, and spam content
- if your website stores important information about your customers such as their credit card details
SiteLock is not for you if:
- you are building a hobby website with no intentions of ever making any money from it
- your website getting hacked doesn’t affect you in any way
- you are a coding superstar who knows the ins and outs of web development and can hold his own when it comes to maintaining a website
SiteLock Security is an essential add-on if you are planning on publishing a lot of content on your website. Or if don’t have a lot of experience building and maintaining websites.
It scans your website for security vulnerabilities and malware. It also cleans up your website if it ever gets infected with malware.
If you are reading this article, then you probably haven’t signed up for Bluehost yet.
What are you waiting for? Bluehost is a beginner-friendly web host.