SiteLock is cloud-based security company that protects over 6 million websites around the world. The company was founded in 2008 and is based in Scottsdale, Arizona. It was founded by security veterans out of MIT, Wharton, Stanford, and Caltech. The service is relatively low cost and targeted primarily at small businesses that typically see website security as expensive and overly complex.
Their security offering sits on top of a global CDN and offers malware detection, bot mitigation, WAF, DDoS protection, anti-virus, email security, and more, all while accelerating website delivery.
The company has raised very little funding and has succeeded primarily by partnering with all the largest shared hosting providers like GoDaddy, Bluehost, and HostGator. And while the SiteLock service has been wildly successful by leveraging powerful hosting partnerships, there have been numerous reports of shady business practices by both SiteLock customer service and their resale partners. This includes reports of fake malware infections in order to upsell customers more expensive services or charging upwards of $500 to clean an infection despite already being a paying customer.
The SiteLock TrueSpeed CDN boasts 30 points of presence around the globe, putting your content close to users in every corner of the world as well as preventing cyber attacks at the edge.
In addition to basic CDN caching, the TrueSpeed CDN includes a number of optimization features, including:
- Content minification
- Image compression
- Session reuse optimization
- “On the fly” file compression
- TCP optimization & connection pre-pooling
- Progressive image rendering
The SiteLock TrueSpeed CDN has points of presence in the following locations:
- Atlanta, Georgia, USA
- Ashburn, Virginia, USA
- Chicago, Illinois, USA
- Dallas, Texas, USA
- Los Angeles, California, USA
- Miami, Florida, USA
- New York, New York, USA
- San Jose, California, USA
- Seattle, Washington, USA
- Toronto, Ontario, Canada
- Tel Aviv, Israel
- Amsterdam, Netherlands
- Frankfurt, Germany
- London, England, UK
- Madrid, Spain
- Milan, Italy
- Moscow, Russia
- Paris, France
- Stockholm, Sweden
- Vienna, Austria
- Warsaw, Poland
- Zurich, Switzerland
SiteLock does not share pricing on their own website, so if you want to work with them direct you’ll need to contact a sales rep and get a quote. They do have a number of large resale partners that do publish pricing on their websites, however. HostGator, for example, offers plans starting around $2/month and going up to $50/month. You should note that the lower tier plans give you only basic malware scans and access to the CDN on a limited number of pages. If your site becomes infected you’ll be on the hook for $200+ to remove it even though you are a paying customer. The higher tier plans give you additional features like the Web Application Firewall and automatic removal of malware from your site + enterprise support.
Unlike other security services that primarily focus on network and application layer attacks, SiteLock also puts a big focus on malware scanning and removal. Depending on the plan you choose, you’ll have access to the following features:
SiteLock SMART (Secure Malware Alert and Removal Tool): gives you the ability to find and automatically remove malware found on your website. This helps prevent search engine blacklisting, which means keeping your website online and your business running. SiteLock SMART also performs web app scanning, which checks for vulnerabilities like XSS or SQLi, and so much more.
TrueCode SAST: TrueCode Static Application Security Testing (SAST) is our deepest source code analysis. Also known as “white-box” testing, TrueCode finds common vulnerabilities by analyzing 100% of the source code of your applications without actually executing them, and adds a unique and critical layer of security by protecting your web apps — where 92% of all vulnerabilities reside.
SiteLock Infinity: premium vulnerability and malware detection and remediation service unique to SiteLock. INFINITY scans your website repeatedly to detect and patch vulnerabilities and remove malware as soon as it hits. SiteLock is the only cloud-based security provider that can deliver this degree of scanning protection.
TrueShield WAF: TrueShield Web Application Firewall protects websites from malicious traffic and blocks harmful requests. Our advanced technology identifies backdoor files and blocks access to them immediately. The setup process is fast and seamless via a simple change.
DDoS Protection: the SiteLock SecureVIP package provides complete DDoS protection from the most sophisticated forms of DDoS attacks. We offer Infrastructure, DNS and Web App DDoS defense, and provide customized protection plans that range from 2GBps up to unlimited GBps.
PCI Compliance: the SiteLock PCI compliance program efficiently guides businesses owners through the SAQ (self-assessment questionnaire) process of becoming PCI-compliant. We have the highest compliance rates in the industry, and we even offer a PCI-certified web application firewall for additional protection of your customer data.
Pros and Cons
SiteLock has a very broad and advanced security offering and is trusted by over 6 million websites around the world. It is a good option for smaller companies who are looking for a low cost full site security option, but pay close attention to which services you are paying for and be aware that there have been numerous reports of shady business practices on several consumer affairs websites. And while the service is relatively low cost (depending on where you purchase and your negotiation skills) there are other cost effective options out there for a similar or lower price that have better reputations. If you’re looking for an alternative that won’t charge you an arm and a leg to clean a malware infection or try to sell you services you don’t need, we highly recommend Incapsula and Sucuri. Incapsula has a stellar reputation and offers enterprise grade security and CDN performance. For a lower cost option we would recommend checking out Sucuri, who offers a similar set of features to SiteLock at a lower price and will never hit you with a massive charge to clean an infection from your site.