Support community for TTG plugins and products.
NOTICE
The Turning Gate's Community has moved to a new home, at https://discourse.theturninggate.net.
This forum is now closed, and exists here as a read-only archive.
A couple of questions regarding SiteLock.
For those who may not know what SiteLock is: SiteLock is "SITELOCK IS THE GLOBAL LEADER IN WEBSITE SECURITY. WE FOUNDED THE COMPANY IN 2008 WITH A PASSION TO MAKE CYBERSECURITY AND WEBSITE SECURITY SERVICES AFFORDABLE AND ACCESSIBLE TO SMALL BUSINESSES, A PREVIOUSLY UNDERSERVED MARKET. WE PROTECT OVER 12 MILLION SITES AROUND THE WORLD AND ARE ONE OF THE TOP CYBERSECURITY COMPANIES IN ARIZONA."
My site is hosted by Blue Host. Blue Host has an add-on feature that uses the SiteLock security add-on, which scans my site and warns me of any security issues and vulnerabilities.
Question one: Is the basic SiteLock Security option worth the $15.00 per year?... I know that this is really basic! A SiteLock subscription can go up to in excess of $50.00 per month (out of the question for me).
Question two: The biggest problem that I have with the weekly SiteLock security scan is the warnings that I receive. I have no F#%*#^G clue as to what they are telling me ... let alone who to speak to or how to deal with the problem. The latest warning gave me a warning about 3 XSS vulnerabilities and 77 XSS nonvulnerable issues. I am more concerned about the Vulnerabilities, rather than the Nonvulnerabilities. The URLs that are being flagged are buried in the "backlight" folder, of course, they are. The first one looks like an image to me. The second is a script in the publisher and galleries module. The third has to do with the style sheet. I have a screengrab of the SiteLock dashboard if you need it, probably not prudent to publish it on this forum. Is this a problem that I should be addressing, if so, who should I be talking to?
As always,
Thanks in advance,
Kevin
Hi Kevin, I don't have experience with SiteLock. Are you running any other software on your site, in particular WordPress? That is typically the biggest area of concern. If you are running WordPress then use the Wordfence plugin, which does a lot of the work to protect the installation and provides security warnings.
I recommend running SSL if you're not already, and to enable two-factor authentication in Backlight. We have no known security vulnerabilities and code defensively to avoid common security issues.
Feel free to share the warnings here, and I'll advise on the nature of them and if I can, whether there's anything of concern. If they're confidential in nature (e.g. revealing local server paths or similar) then please email them to me instead.
Sorry for the delay in getting back to you on this, Ben... The following report is from the SiteLock security scan. It is showing 3 XSS Vulnerability Issues... The vulnerability issues are listed at the bottom of the report. I am guessing that the issues are summarized in the "a c m p1 and p2" codes. I have not had a chance to explore what these issues are. I am hoping that you can let me know what can be done.
Thanks
Kevin
Summary
Site Name: pkgphoto.ca
Scan Type: xss
Pages Scanned: 77 page(s)
Pages Vulnerable: 3 page(s)
Details
Page URL Vulnerable Description
http://www.pkgphoto.ca no
http://www.pkgphoto.ca/backlight/publis … /scripts/1 no
http://www.pkgphoto.ca/backlight/publis … /scripts/6 no
http://www.pkgphoto.ca/backlight/publis … et/style/1 no
http://www.pkgphoto.ca/backlight/publis … et/style/6 no
http://www.pkgphoto.ca/contact/ no
http://www.pkgphoto.ca/galleries/ no
http://www.pkgphoto.ca/th1s_1s_a_4o4.html no
https://pkgphoto.ca/feed/ no
https://pkgphoto.ca/galleries/abdi/ no
https://pkgphoto.ca/galleries/conestoga-college/ no
https://pkgphoto.ca/galleries/conestoga … nvocation/ no
https://pkgphoto.ca/galleries/conestoga … nvocation/ no
https://pkgphoto.ca/galleries/conestoga … nvocation/ no
https://pkgphoto.ca/galleries/contactportraits/ no
https://pkgphoto.ca/galleries/contactpo … -portrait/ no
https://pkgphoto.ca/galleries/ginas-col … ir-design/ no
https://pkgphoto.ca/galleries/ginas-col … pril-2019/ no
https://pkgphoto.ca/galleries/ginas-col … mber-2017/ no
https://pkgphoto.ca/galleries/ginas-col … mber-2019/ no
https://pkgphoto.ca/galleries/ginas-col … gust-2018/ no
https://pkgphoto.ca/galleries/hike-for-hospice-2017/ no
https://pkgphoto.ca/galleries/iio-conestoga-chapter/ no
https://pkgphoto.ca/galleries/iio-cones … heon-2019/ no
https://pkgphoto.ca/galleries/iio-cones … heon-2020/ no
https://pkgphoto.ca/galleries/iio-cones … heon-2018/ no
https://pkgphoto.ca/galleries/jeff/ no
https://pkgphoto.ca/galleries/jeff/_PK36627-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36629-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36630-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36631-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36635-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36641-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36642-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36643-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36644-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36645-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36646-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36650-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36657-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36662-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36665-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36672-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36675-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36688-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36700-single.php no
https://pkgphoto.ca/galleries/jeff/_PK3 … single.php no
https://pkgphoto.ca/galleries/jeff/_PK36702-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36710-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36711-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36713-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36714-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36716-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36717-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36718-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36719-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36721-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36723-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36725-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36727-single.php no
https://pkgphoto.ca/galleries/jeff/_PK36728-single.php no
https://pkgphoto.ca/galleries/st-peters … firmation/ no
https://pkgphoto.ca/galleries/st-peters … ters-2019/ no
https://pkgphoto.ca/galleries/the-waterloo-award/ no
https://pkgphoto.ca/galleries/the-water … loo-award/ no
https://pkgphoto.ca/galleries/the-water … loo-award/ no
https://pkgphoto.ca/galleries/weddings/ no
https://pkgphoto.ca/galleries/weddings/ … -patricia/ no
https://pkgphoto.ca/galleries/weddings/ … sa-weiler/ no
https://pkgphoto.ca/galleries/yncu/ no
https://www.pkgphoto.ca no
https://www.pkgphoto.ca/contact/ no
https://www.pkgphoto.ca/galleries/ no
https://www.pkgphoto.ca/galleries/jeff/feed/ no
https://www.pkgphoto.ca/backlight/?m=de … image&p1=4 yes a c m p1
https://www.pkgphoto.ca/backlight/?m=pu … ripts&p2=3 yes a c m p1 p2
https://www.pkgphoto.ca/backlight/?m=pu … style&p2=3 yes a c m p1 p2