As we have continued to dig deeper in to how the web security company SiteLock takes advantage of people, one central element of it is their partnerships with web hosting companies. From their main website you can’t even sign up for their services, only request a quote, and if people were to be looking around for a security provider they would likely come across many horror stories involving them when doing. Instead it looks like the services gets sold on the trust in them implied by their web hosting partnerships marketing them and due to the fact that to varying degrees the web hosts push people to use them if their website is hacked (or in some cases when SiteLock or the web host is falsely claiming it is hacked). The reality of the partnerships is that they are not based on the web hosts believing SiteLock, instead it is based on them getting paid a significant amount of money (one major web hosting company disclosed they get 55% percent of the revenue from SiteLock services sold through the partnership with SiteLock).
Neither SiteLock or the web hosts are upfront about the real reason for their partnerships. Take for example how 123 Reg announced their partnership with SiteLock last month, there is no mention of that financial arrangement. Instead they make a number of claims that don’t match what we have seen of SiteLock’s services in the real world, including:
By partnering with SiteLock, small business customers now have access to best-of-breed security solutions that deliver proactive and reliable protection from internet threats and vulnerabilities.
And:
Our partnership will ensure that websites run safely and smoothly, and will further secure the infrastructure in the UK. Through our combined efforts and commitment, we can make it easy for customers to seamlessly integrate security into their sites and prevent future attacks.
That things are not as they are claiming is hinted at by the paragraph that follows that though:
SiteLock can detect known malware the minute it hits. After identifying malicious content, it automatically neutralizes and removes the threats. SiteLock then provides businesses with complete reports on scans, threats detected and items removed.
On the one hand 123 Reg is claiming that they “can make it easy for customers to ” “prevent future attacks”, but then they are claiming that SiteLock is going detect malware the minute it hits, which indicates they can’t prevent future attacks (otherwise there wouldn’t be malware to detect). No evidence is provided that SiteLock can actually detect malware the minute it is hits and we have seen rather bad results in their attempts to detect malicious code, in one situation we found SiteLock claiming a website was secure while it contained malicious JavaScript code that compromised credit card details entered on the website.
Our experience is that SiteLock does a quite poor job of cleaning up hacked websites. For example, everything we have seen indicates that they fail to do two of three basics steps for cleaning up a hacked website, 1) making sure the website has been secured (which usually means getting the software up to date) and 2) determining, to the extent possible, how the website was hacked. In one recent instance their failure to do those not only left hackers with two forms of access to the website, but also meant that a security problem at one of their partner web hosts remained unfixed, which would allow even more website to be hacked (that vulnerability remaining unfixed would provide them more people to to have the potential to take advantage of as well).
Not to surprisingly then we have already run into an example of the partnership with 123 Reg producing the bad results you would then expect:
It’s not been awful, but it’s been repetitive. A few links stuck in the index page as far as I can see. They’ve tried to put in malware which Sitelock has found and got rid of. But they’re still getting in. We’ve changed passwords, sitelock has changed dns settings (after this I don’t understand much), any coding on the site is from the lastest version of xara web designer and xara say they’re safe. 123reg (who sold me Sitelock) said they can’t keep everything out, which beggars the question – what’s the point? PC that the site was uploaded from is free from viruses and malware. Hosting service are saying it shouldn’t happen again but are advising me to move anyway (!).
If SiteLock was doing things properly they would have done the work to determine how the website was getting hacked and fixed that, but since their idea of protection is to detect a website is hacked instead of actually protecting it, that doesn’t happen, leading to situation like what is described there.
If your web host is a partner with SiteLock your best move is probably to move to another web host since through that partnership they are showing that they don’t really care for their customers. If you are at the point where you are being contacted by your web host or SiteLock about your website being infected with malware or otherwise hacked we recommend you read one of our previous posts that takes you through some of the important information to understand about the situation before you make any decisions on dealing with it.
A Better Alternative to SiteLock For Cleaning Up a Hacked Website
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website.
I was planning on buying SSL from my host 123-reg but after reading this I am torn, it seems all is not right. How can I protect my website?
This post is discussing 123 Reg’s partnership with SiteLock, which is separate from their sale of SSL certificates.
SSL certificates don’t directly protect websites, instead they are used in the process of encrypting communications between web browsers and the server. That could prevent a compromise of login information from the website in certain instances (among other things), but that is not major concern for the average website at this time. If you are looking to prevent the website from being hacked, then important things to do are mentioned here.