How to setup SiteLock

For a long-term solution to monitor and maintain site security and prevent malicious attacks SiteLock is the perfect solution. That’s probably why they have more than five million websites protected. It’s one of the best things you can do to keep your site secure. But there is a bit of setup to get it working right.

Step 1: Create an FTP account with your host.

You will need to create an FTP account specifically for SiteLock. Login to your hosting account, and create that. The FTP account cannot use [email protected] as a username, but it can be anything else. Use a secure password. Set it to the directory of the domain you are protecting or the public_html folder for all web files. If you aren’t sure which folder a domain is pointed to, check out this article. Here is an example of this in the cPanel:



Step 2: Open your SiteLock Dashboard’s Download Settings

You will need to enter the correct FTP information into your SiteLock Dashboard. Click the Settings tab, then the Download Settings sub tab beneath that. The page will look something like this:


Step 3: Enter your FTP Account information

Here enter the information for the FTP account you created earlier.

Example SiteLock FTP Settings. Click to enlarge

  • Method for File Transfers: “FTP”
  • FTP host address: use the shared server IP on your account, or if you have purchased a dedicated IP use that instead.
  • (S)FTP Port Number: “21”
  • Root Directory: You can just put “/” since the FTP account already points SiteLock to the right folder.
  • User ID : put the username including the domain name of the ftp user (such as [email protected])
  • Password: put the password of that ftp user here
  • Select a speed for FTP file downloads: This setting is up to you but Faster is the best choice.
  • Maximum Download Time: This setting is also up to you, but longer is better so 120 minutes/day is the best choice here.

Click “Submit” to save those changes.

Step 4: Automatic Removal

This is what makes sitelock so great. Often times it can take care of malware automatically, while most services like this just notify you of problems. To enable automatic removal, in your dashboard click the “SMART Settings” tab and it will open a page that looks like this:

Click to enlarge

Under Automatically remove malware “Yes, automatically remove the malware“, if you want it to remove it automatically. Otherwise it will just send an email to the email on file when malware is detected. You should set it to automatically remove for the best results. Click “Submit” to save that change, and SiteLock is ready to go!

Step 5: Get your SiteLock DNS records.

Some SiteLock plans include an extra later of security with it’s Web Application Firewall that works at the domain’s DNS level. It can route good visitors into the fast lane, and bad visitors (hackers, malicious bots, etc) to a dead end. If you buy SiteLock through your host, often times this is setup automatically. But in some cases it’s not so you’ll want to double check. Here’s how you’ll do that:

In your SiteLock dashboard, click “Trueshield Settings” and then “General Settings“.


Then take a look at the DNS Settings for SiteLock, and copy them to a safe location. We’ll use them in the next step.sitelock-dns


Step 6: Point your domain name to SiteLock’s network.

Next you’ll login to your account with your DNS host. Open the Zone Editor with your DNS Host and point your domain name to SiteLock’s network. You will do that by setting your site to use the same DNS settings for A records and the WWW CNAME that you copied “DNS Settings for SiteLock”  earlier.


If you need help editing your Zone File, often time your DNS host can help you.

That’s it! Now that you have setup SiteLock’s FTP account and pointed the DNS of your site to SiteLock’s Network you are all set! Enjoy SiteLock’s world-class security protection.

The short URL of this page is:

Leave a Comment