All Collections
SiteLock SecureWeb + WAF/CDN Installation
SiteLock SecureWeb + WAF/CDN Installation

How to configure SiteLock SecureWeb and WAF/CDN.

Updated over a week ago

Login to your SiteLock Dashboard.

Note: You can view our topic on logging into your SiteLock Dashboard if you need help with this step.

SMART Wizard

1. Create FTP credentials or use existing FTP credentials connected to the site's root directory (wwwroot, public_html, etc.). You can view our topic regarding creating FTP accounts for Windows or cPanel.

2. Configure the FTP for use in the SMART Wizard form using the respective credentials, port, and FTP method collected in the first step.

3. Select the site's root directory (wwwroot, public_html, etc.) and press the 'THIS IS IT' button.

4. You will receive a notification to configure the SMART Wizard settings, press the "SMART Settings" button.

5. You will now need to select between the following options in the dropdown menu:

No, just warn me: The SMART scan will issues warnings when malicious code is found.

Yes, automatically remove the malware found: The SMART scan will automatically remove the malicious code upon finding it during the scan.

6. If needed, you can configure SMART to exclude certain files by pressing the 'MANAGE EXCLUSIONS' button which will bring you to the following screen:

You may navigate through directories and select files to exclude from the scans. Once you have selected the files that you would like to exclude, you may press the 'SAVE' button.

Domain Name Verification

Option 1(HTML Meta Tag): Add the HTML Meta Tag provided to the <HEADER> section on the homepage for the site.


Option 2(Upload HTML File): Download the provided file and upload the file to your site's home directory. You can do this through FTP or an available File Manager, such as cPanel or the Windows Control Panel( File Manager.

Option 3(DNS Record): You will need to create a TXT record for the domain name as prompted. You can do this through our Windows Control Panel( DNS Editor, or if you are utilizing cPanel, the equivalent.

SSL Scan

Input the Common Name for the site, for example:

Please be sure to NOT include the "https://" or "http://"

If you do not have the CDN/WAF add-on for SiteLock, you do not need to continue with these instructions.

Trueshield Configuration

1. When navigating to the TrueShield Wizard, you will find the first step provides you a TXT record. You will want to copy this TXT record and create it for the host name of the site you are covering. In the above image, you would create the record as follows:

TXT value: _globalsign-domain-verification=

If your site is a Windows package, you can utilize WCP to make the TXT record. If you are utilizing a cPanel package, you can utilize the DNS Editor.

2. In the Manage Certificate tab, you can upload a SSL certificate to secure the route between your server and SiteLock. If you do not have a SSL certificate for your site, you can purchase one here.

3. The SSL Traffic Flow will verify whether or not SSL traffic is being routed through SiteLock.

4. Step 2 is a routing check for your site's DNS records. You will need to navigate down to the 'Trueshield Settings' section below to find the DNS records you will need to configure to pass this verification step.

If your site is a Windows package, you can utilize WCP to make the DNS record. If you are utilizing a cPanel package, you can utilize the DNS Editor.

5. Step 3 is an optional step that will navigate you to the Trust Seal Installation page.

Trueshield Settings

You can find the Trueshield settings by navigating to the 'Settings' in the left panel of the dashboard, navigate to the 'Trueshield Settings' and to the 'General Settings' tab.

You should be able to see the following settings page:

1. Traffic Routing

Route my traffic via SiteLock's network - As the namesake; routes traffic through SiteLock's network

(Optional)Use TrueSpeed for acceleration - Utilizes TrueSpeed, a CDN that will cache browser pages.

(Optional)Use TrueShield for prevention - Utilizes TrueShield, a WAF that will monitor for malicious traffic.

Temporarily bypass SiteLock's network - Bypasses the SiteLock network and routing the connection directly to the server.

2. DNS Setting

2.a Original DNS - The original A record of the domain name

2.b DNS Setting for SiteLock:

A Record - These are the IP addresses you would configure for your domain name ('')

CNAME - This is the CNAME record you will create for the www. subdomain('') for your domain.

3. SSL Configuration Status
Provides you information on the current SSL certificate that SiteLock is detecting. You may also use this to install an SSL certificate(.pfx file) to secure the connection between SiteLock and your server.

4. Site IP
This displays the IP address that SiteLock is routing the traffic to (i.e. the IP address to the server your site is being hosted from). You may also change the IP address using the 'CHANGE IP' button.

5. Purge Cache Now
Purges the CDN cache.

Did this answer your question?