As the computing power and tech are evolving rapidly, sites are becoming more and more vulnerable. There’s so much to give thought and take care of. Having a reliable backup and security plan is becoming inevitable.
While setting up sites for my clients, one of their prime concerns is security. One loophole can take away hours of effort within a split second. Considering these factors, it’s a good idea to partner up with a good name for security and focus on your content.
To keep up with these dynamics, I always look up for different security options for WordPress. At certain times, I give them a try to see how they perform under different circumstances. This way, it helps me to select an appropriate solution according to the requirements.
Recently, while exploring security plans for WordPress, I came across this amazing SMART Plus solution by SiteLock which is designed explicitly for CMS sites. It houses some incredible features for CMS systems which we rarely come across. And when it comes from such a big name, you can’t easily resist it.
So, I decided to explore it further and see where it stands. And to be honest, I find it to be quite promising. I am super pumped up to share my thoughts about SMART Plus and how beneficial it can be for you. Let’s get started!
SMART® PLUS™ by SiteLock
While giving a shot to some new product, you should spend some time while exploring the company behind it. It gives a fair amount of idea about what to expect since the product definitely inherits and reflects the values of the company.
Apart from that, you can also get an idea about the type of support which you’ll get. And the fact that product is here to stay and not going anywhere anytime soon. All this homework helps you use it in your solutions without worrying about anything.
Talking about SMART Plus, it is offered by SiteLock which is one of the global security leaders and offers some rock-solid security plans. SiteLock®INFINITY™ won the 2018 Cybersecurity Excellence Award for Best Website Security Solution. Apart from that, it is trusted by some big names such as GoDaddy, BlueHost, HostGator, iPage, Harvard, etc.
SiteLock is a privately owned digital security firm, launched in 2008 and has headquarters located in Scottsdale, Arizona, US. Since then, it went through tremendous growth, made tons of partnerships, acquisitions, and won numerous awards. Check out their press release archive to know more.
Another interesting fact about SiteLock is that they embrace and support the open source community of WordPress. Folks at SiteLock under their vibrant leadership by Neill Feather — President & CEO SiteLock — actively attend and speak at WordCamps around the world. The efforts of Adam Warner — Open Source Community Manager at SiteLock — and Jamie Schmid — Community Evangelist and WC Organizer at SiteLock — are truly commendable.
👮SMART in SMART Plus stands for Secure Malware Alert & Removal Tool. As the name suggests, it scans the CMS for possible file-based malware & vulnerabilities and automatically fixes the core files. It also offers WordPress Database Protection from malware and spam keywords. Another exciting feature of SMART Plus is that it also protects popular eCommerce solutions like WooCommerce as well.
Apart from SMART Plus, SiteLock also offers some other great solutions for websites in general and a TrueSpeed CDN to significantly improve your site speed. A few of them are listed below:
- ∞ Infinity — State of the art malware and vulnerability remediation service.
- 🔒 DDoS Protection — Automatic Mitigation for Sophisticated DDoS Attacks.
- ⚡️ TrueCode SAST — Static Application Security Testing Solution.
Getting Started With SMART® PLUS™
SMART Plus is a completely cloud-based product by SiteLock which makes it quite easy to set up. Once you’ve purchased your desired package, all you need to do is to connect your site with the webservers of SiteLock, and you’re good to go. Below are the steps to get started quickly:
→ Step #1
SiteLock provides a complete experience for setting up things at your site. To get a product, you need to get in touch with them, and they will provide a custom-tailored solution according to your needs. Once you get in touch, the awesome folks at SiteLock will guide you through the process to set up everything.
You can reach them out by filling the web form through their site or by calling through the contact information. I found the customer support care at SiteLock quite active. A security consultant at SiteLock will drop an email to help you guide through the process. You can even schedule a call and discuss your needs to get your things done.
→ Step #2
Once you have got your custom solution according to your needs, the next step is to connect your site with it. To do so, SiteLock provides you with two options:
- 🔌Through SiteLock Plugin
- 🗂Through FTP
If you choose to connect your site through a WordPress plugin, you need to install SiteLock Security plugin by SiteLock. It is totally free and available on the WordPress repository. You can either manually install it or install it through plugins menu in your dashboard.
Alternatively, you can connect your website through FTP. For this purpose, you will need the SFTP/FTP details of your host to transfer any file. Once everything is set up, you can manage all of your sites through the SiteLock Dashboard.
💼 SiteLock Dashboard
For the first time, when you login into your dashboard, it will give you a configuration alert in case you’ve not set up things already. You can click on configure to go through the setup wizard and set up things easily. You can also click the skip button, and it would not appear again.
Moving on, SiteLock dashboard provides a great user experience. Almost everything you need is available on the front, and easy navigation is available to access different things. You can even toggle top bar and sidebar for a minimal view.
⛱ Security Summary
Right at the heart of the dashboard, you can find the security summary. It lists all the scans and their results. You can click on any scan to find out further details, filter the results, perform scans, download results, and much more.
✅ However, when you log in for the first time, you will notice that a few scans will have a green tick while others will have an exclamation mark on them. The green mark indicates the status that everything is alright and in check. While the exclamation mark requires action, either for configuring them or some other task.
Hovering on any of the circle shows further details of the scan followed by some nice animation. It shows the duration of scan results and some basic stats about them. For example, hovering over the XSS Scan shows the total no. of pages scanned and last good scan/ last scan date.
Clicking on any of the scan results further leads you to the details page. Which looks like something below. Where you can perform different actions as well — export CSV, perform a scan, filter by dates, etc.
Major security scans which you can perform in the SMART Plus solution are listed below:
- 🈸Application Scan: Scans your web applications for possible vulnerabilities and make sure they are up to date.
- 🚧Network Scan: Scan your server ports to make sure that appropriate ports are open for connection requests and rest of the ports are closed.
- 🦊SMART Scan: It constantly monitor sites for malware, and if malware is detected, it will automatically remove it.
- 🗃Database Scan: Scans WordPress database for possible malware and keyword-based spam monitoring.
- 🔐SSL Scan: Checks the SSL certificates validity and warns if need to be renewed.
- 🙉Spam Scan: Scans your domain name against leading spam databases to check if your domain is listed as a spammer. In case if it indicates the listing of your domain, it means someone might have gained access to your email address.
- 🗝SQL Injection Scan: Tries to gain unauthorized access to your website through SQL Injection. And if it succeeds, it informs how and where it gained access. Indicating a loophole which you need to secure.
- ⚔XSS Scan: Like SQL Injection, SiteLock tries to penetrate your site through Cross Site Scripting techniques. In turns, it may lead to loss of visitors data.
That’s actually a great variety of scans which SiteLock performs to make sure your site is secure. Doing these scans manually could be a headache and may lead to burnout. By scanning your site for possible vulnerabilities and fixing them automatically, SiteLock is definitely up to an incredible job.
🚉 Visitors Statistics
Another section on the SiteLock dashboard is the visitors’ statistics. It provides a detailed graph of different categories of visitors on your site. You can see the number of Human Visitors and Bot Visits separately on each date. It also allows you to filter the statistics by date.
SiteLock shows the data with the help of a minimal graph with a distinct line for each type of visitor. This way, it allows you to analyze your traffic in a better way. Which is pretty cool. 💯
Another interesting feature of SiteLock is that it allows you to add multiple users to your SiteLock account. It allows up to 20 users in one account. The users can view the data only while the admin can change the billing information and other settings as well. The feature can come in handy when you are on a team and need to share the stats.
In the settings section of SiteLock dashboard, you can set up things related to your scan settings. You can set up interval for the automatic scan, opt-in/out for promotional emails, and security alerts. Apart from that, you can also update your SMART configuration settings here as well. A quick overview of each section is listed below:
- 🔏Security Settings: Here you can set up a security question, in case if you forget your password.
- 📨Email Subscription: Set up your preferences for promotional emails.
- 🔔Notification: Set up email settings for security alerts.
- 🕵️Scan Settings: Set up intervals for the automatic scan. You can set up different intervals for different scans as well.
- 🦊SMART Settings: Set up your preferences for the SMART scan.
- 🗃SMART Database: Add access details and other preference of scanning database.
- 🛡TrueSheild Settings: It contains detailed settings for re-routing your traffic through TrueSheilf functionality. You may need data to configure data like DNS records, add host IP, and configure SSL.
- 🤖SMART/PATCH Settings: Like SMART malware scan configurations, you can set up configurations for patching core files in your CMS.
Another factor which I look for while choosing a product is its support. I love to give a shot to a product with great support. Because they are always there to listen to feedback, help, and improve. On the other hand, I might put down a good product because of poor support.
Talking about SiteLock, they rock a support team which is always there to help. Regarding my experience with SiteLock, I got my first response in less than 1 hour and later on even in less than half hour. And I found the support to be quite humble and helpful. So thumbs up! 👍
There’s no specific pricing for SiteLock packages. They provide custom solutions tailored to your needs and charge you accordingly. However, given their quality services, it definitely worth your every penny. Also, as a part of supporting open source, SiteLock also supports WPCouple and is one of our awesome partners.
🎁 Wrap Up
SiteLock is one of the leading names in the field of digital security. SMART Plus is one of their dedicated product designed with Content Management Systems in focus. Utilizing their vast industry experience, unparallel techniques, and a variety of ways, they try to make your site as secure as possible.
If you had your site on a CMS like WordPress and concerned about site security, you should definitely give a shot to SiteLock. It is super easy to set up and takes care of your all security concern while you focus on what matters. Also, SiteLock has a name and is worth partnering up for your security.
Which solution do you deploy for your website security? Also, do you have any experience with SiteLock or would like to give it a shot? Let me know your thoughts in the comments below!
SUBSCRIBE TO DEVELOPERS TAKEAWAY!
A Premium Development Newsletter by TheDevCouple! What is TheDevTakeaway?