You may run into an error while running the malware scan on your site. The following error codes are the most common.
cURL error 28: Connection timed out
This is likely just a temporary connection issue between Sucuri and your site. However, if you continue to receive this error, please let us know and so we can take a closer look.
Error Message: cURL error 35: Unknown SSL protocol error in connection to sitecheck.sucuri.net:443
Error Code: http_request_failed
Sucuri is no longer supporting TLS 1.1 and you need to have your host upgrade you to TLS 1.2.
Possible Site Issue: Unable to properly scan your site. Site returning error (40x): HTTP/1.1 403 Forbidden
The first thing to check is to make sure none of the Sucuri IPs have been added to the Banned Hosts list in iThemes Security. You will find the Banned Hosts list in the Banned Users module.
If you do not see the Sucuri IPs in the Banned Hosts lists the next step will be to ask your host to whitelist the IPs.
If Sucuri is still receiving a 403 error when attempting to scan your site the next step will be to check for a conflict.
Index page missing. Directory and file listing permitted
This means that directory browsing is enabled on the server, and it shouldn't be as it's a security risk. You can disable directory browsing in the System Tweaks by enabling the Disable Directory Browsing feature.
More than one SPF record for this domain
This means your domain has more than one SPF record. While this isn't necessarily indicative of a compromise you should contact your host to make sure the SPF records you have are legitimate.