SiteLock service access requirements vary depending on the plan purchased. Information is provided on a per plan basis below.
SiteLock Lite & SiteLock Find
The SiteLock Lite and Find services perform remote vulnerability scanning only and do not require any direct access to the hosting account or files.
The only requirement for provisioning SiteLock Lite is a domain name. This can either be provided via the Domain field on the product itself, or by adding SiteLock Lite as an add-on to any hosting or reseller service subscription.
SiteLock Fix & SiteLock Emergency Response (911)
The SiteLock Fix and Emergency Response services in addition to vulnerability scanning requires file level access for automated fixing. This is made possible via FTP.
To provision SiteLock Fix, only a domain name is required. When provisioned for a cPanel, Plesk or DirectAdmin hosting subscription, WHMCS will attempt to automatically create a dedicated FTP account (cPanel and DirectAdmin only) and provide the FTP credentials to SiteLock automatically. Should this fail or should it be purchased separate from a hosting subscription, FTP details can be provided manually either via the WHMCS admin user interface or via the SiteLock Control Panel directly.
SiteLock Defend
The SiteLock Defend service provides vulnerability scanning, automated fixing and WAF/CDN services. The automated fixing requires FTP access as with SiteLock Fix & Emergency Response. In addition, SiteLock Defend also requires DNS record changes.
The exact DNS record changes that need to be performed vary depending on the service purchased and the setup of the domain.
The SiteLock Control Panel provides details about the required DNS changes once site ownership verification has been completed. At this time, the DNS changes have to be performed manually following completion of the ownership validation.