SG Site Scanner powered by Sucuri
Having a website regularly scanned for security issues, is something we have always highly recommended to our customers. Our site scanning service (known as HackAlert until recently) has always been among the bestsellers and is used by thousands of our customers to check their websites and inform them in case of a malware. Today we are happy to announce that we have introduced a number of improvements to these services. It is now called SG Site Scanner, it is powered by one of the most prominent web security experts – Sucuri.net, and it is simply awesome!
Why Sucuri?
There are several reasons to change our scan partner from Armorize to Sucuri. First, Sucuri is one of the most respected companies in the website security field. In addition, we have been working in partnership with them for several years. We have relied on their expertise for solving numerous complex security issues. And last, but not least, many of our clients’ websites have also been cleaned by Sucuri from malicious code over the years. That is why it was only natural that we extend this already successful partnership and make it cover the daily site scans too.
What is so good about SG Site Scanner?
More efficient scanning and reporting
We now scan all the pages that are linked on your website homepage (or any other page of your choice) on a daily basis. This has proven to work more efficiently than the previous system of scanning a limited number of 10 random pages. If any issue is detected the site owner immediately receives a notification email.
More convenient interface
The SG Site Scanner report page is part of your SiteGround Customer Area now. It is no longer needed to log into another interface to access information on the security status of your site. In case of an issue all infected URLs and/or blacklists are conveniently listed in the interface. It also allows you to push an unscheduled scan with a click and you can easily switch on and off the weekly email status reports.
If you already have HackAlert, no action is required on your part — it has already been replaced with the SG Site Scanner. If you are still not using any regular scanning service we strongly recommend that you start today. You can order the SG Site Scanner for any domain of your choice in your Customer Area.
Comments ( 37 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Rainer
Thank you for your great service!
Karl S.
Wonderful. This is sweet! Good job, SiteGround. Just another improvement and another reason you have earned further customer loyalty. From me, anyway. :-D Keep up the great work.
Robin
Brilliant news, thanks for all you do to make Siteground a good place to do business. Yesterday I noticed securi had visited my site... I thought it was a spammy link and was going to add it to my .htaccess!
Scott
Wow, this is great news! Securi.net is a trusted partner of mine already!
Rob Bezouwen
Great, the best of both worlds SG and Sucuri, a great team together. Well done.
Francisco Espinoza
That's a wonderful news. Sucuri is one of first choice in terms of security systems. Thanks for this SG.
Joe
This is great news! So do we get the full Website Firewall and Antivirus products offered by Sucuri? Or is it just a daily scan?
Hristo Pandjarov Siteground Team
Just the malware scanning service. If you want to use their CDN and firewall, you need to get it directly from Sucuri.
Thomas
Will this service scan all the site's file on a daily basis? Will it work for Wordpress?
Lilyana Yakimova Siteground Team
The SG Site Scanner is a remote type of service that looks for issues detectable in a browser like malware, defacement, redirects, pharma hacks, etc. It crawls the web pages linked from your homepage daily looking for such issues. It does not include server side scanning for malicious files that does not manifest in the browser like mailer scripts or other issues with the code. The scanner is perfectly compatible with WordPress sites.
Jin Hong
I have a couple of questions. Does the service come with a site seal showing a site is being scanned daily, and that it is clean? Also, how would it work for wildcard domains? Do we need to purchase a separate service for each sub-domain?
Lilyana Yakimova Siteground Team
SG Site Scanner does not come with a site seal and there is no mark that your website is being scanned. Also for each separate subdomain a new SG Site Scanner should be purchased.
Szabesz
Hi, Q1: Alongside "SG Site Scanner" HackAlert still seems to be running. I got its weekly report too. Why so? Q2: Quote: "We now scan all the pages that are linked on your website homepage (or any other page of your choice) on a daily basis." Where can I configure "the page of my choice"? Are there any configuration options at all? If so, where? Also, can we get a detailed report of the pages scanned? Q3: No more optional daily reports? Only weekly? We needed the daily report so that we could test our email filters, because reports are only sent to one email address, but we need to forward the report to some other address. With only a weekly report, it is much harder to test our forwarding setup. In terms of configuration and transparency SG Site Scanner is worse than HackAlert. SG Site Scanner is a lot more like a black box.
Hristo Pandjarov Siteground Team
As to your first question, that would be the last email you get from HackAlert. Both were operational for a short period of time but now only the new service runs on our servers. SG Site Scanner goes through all indexable urls, I am afraid that at this point you can't se manually which pages to be scanned. As to your last question, I am afraid that at this point we send only weekly reports. However, we will consider the option to add functionality for daily scans. We want to make the tool as simple as possible and to work right away without you having to configure it. That's why it doesn't have as many configurations as the HackAlert. As a service, however, it's really way better.
szabesz
Thank you for you answers, Hristo! If would be great if you guys could implement the configuration features similar to HackAlert. Of course, configuration could be completely optional, with defaults already applied. "As a service, however, it's really way better." I do believe it, however, it would be nice to see how well the scanner handles all the crosslinks and "all the pages that are linked on your website homepage".
Emanuele
Great news! I would like to buy the Securi Firewall Pack for my website. Do you have any dedicated discount for us (your customers)? Thanks in advance!
Hristo Pandjarov Siteground Team
At this point we don't have a special discount for the the full package but that's definitely something we will do our best to get soon.
Shanaya Oberoi
Sucuri is not only just for WordPress based sites, they also supports sites which are running on Drupal, PHP, .NET, Joomla and even HTML. So no matter which format your website is up on, Sucuri will make sure they are not infected.
Glen
What additional things does this do that the free sucuri plugin does not?
Lilyana Yakimova Siteground Team
The SG Site Scanner works for any type of site, while the Sucuri plugin is WordPress specific. This means that if you start your website with Weebly today, and later decide to move to WordPress, and a year from now you go on something completely custom, the scan will continue to work without any action needed on your side, as long as you use the same domain for your site. Additionally, with the SG Site Scanner you do not need to install, update or configure any plugin or other software in order to get daily checks and the associated notifications. As a whole SG SiteScanner is a more simple and at the same time more universal click and go solution, while the Sucuri plugin has a much more complicated interface that provides different WordPress specific options apart from the remote scanning and blacklist monitoring.
Glen
Sooooo......it is really no different (for a WordPress site) than the Sucuri free plugin. Is that correct? And in fact, it sounds like the free sucuri plugin actually has more options in addition to doing the same thing your solution does. So for someone like me, a web developer, it sounds like my best option is the free plugin. Would you agree?
Lilyana Yakimova Siteground Team
Yes, I would agree that for a more advanced developer, who manages WordPress sites only, the plugin may be a better match.
Simon
But wouldn't a combination of both be the best? I mean the free plugin does not do any automated site scans while the site scanner checks the site on a daily basis. Or did I misunderstand something?
Hristo Pandjarov Siteground Team
Both should work great - scans from the service and the rest from the plugin. It really depends on your preferences.
Webly
When I received the email about this change, it was literally 2 days after I read a blog from a developer who claimed that website scanning did not help her clean her website. The only thing that worked was Sucuri. I've had many web hosting services before, Siteground is by far the best experience so far. Sucuri for site scanning further confirms that this was the best decision ever.
Anthony Boyd
I heard sucuri announced partner program recently. Will siteground ever partner up with them for hosting plans like you do with CloudFlare? I would definitely sign up for that.
Hristo Pandjarov Siteground Team
This is not in our immediate plans but if we make something towards that direction we will inform our customers accordingly.
Alex
Maybe not as part of this feature, but some statistics of how many threats your WAF has blocked would be brilliant. I see 2 main benefits of it; 1) You can visually in numbers prove how well your hosting worth of investment for your customers. 2) We as customers can use those numbers to show to our clients as well. I find such statistics help to explain to clients why they need quality hosting and maintenance.
Hristo Pandjarov Siteground Team
Such page is on our roadmap and hopefully it will be online :)
Jason
Hi does the SG Site Scanner only work on the main domain or does it also scan all the add-on or sub domains & folders? Thank you
Angelina Micheva
Hi Jason, The Site Scanner service works per domain and it will scan all links on the home page of the website with this domain. It does not include a scan of add-ons or subdomains. Regards!
chris kuhn
This is a great feature you have and now it's even better as you've made it as a part of the customer dashboard, which makes for easy website security scans. I use your website scanner at least once per week for my cyber security blog SecureMy.Website against malware and top 10 OWASP threats. Most charge for this so thanks for including it for free!
Wally
This is my 1st year anniversary with Siteground hosting. I'm glad that I jumped on board when I did! I really love this site scanner and week reports that I get that site files are clean. I have never received this before with other web host. It's great to know that somebody is protecting my websites. Thanks Siteground for all that you do for us!
Ruth Schwartz
I am a new Siteground hosting customer and have been using the free version of Wordfence for years. May I assume that I no longer need that, as long as I have SG sitescanner on each of my sites?
Hristo Pandjarov Siteground Team
We have our own WAF that we maintain plus a lot of security improvements. This said, another layer of security never hurts so you can keep Wordfence if your account is well within your plan resources.
unTLDR
Is there any move towards this including scanning subdomains? We are now in late 2021 and the complexity of security surely has increased. Therefore, I would expect that the responses required would also increase in correlation.
Gergana Zhecheva Siteground Team
The Site Scanner service is set per website, so the subdomains are not scanned by default. Still, we would forward your feedback for future consideration, thank you for your question.
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through