HostGator Is Actively Hiding the True Nature of Their Partnership With SiteLock

When it comes the really bad practices of the web security company SiteLock, they often involve their partnership with various web hosts. Considering that long ago we had seen that SiteLock didn’t seem to very good at handling security, whether it be not properly cleaning up hacked websites or not doing a basic security check before declaring a website secure, we had long assumed that these partnerships were not based on the web hosts believing that SiteLock was the best company to best help their customers, but instead based on the web hosts being paid to push their services. Those payments, it turns out, are happening, but they tell only part of the story of the partnerships with some of the web hosts.

Last month while looking for some other information about SiteLock we can across the fact that the companies majority owners also are the CEO and a board member of the web hosting company Endurance International Group. That companies does business under the brand names A Small Orange, Bluehost, FatCow, HostGator, HostMonster, iPage, IPOWER, and many more.

Through that we also found that in the case of Endurance International Group, not only were they getting paid for the sales of SiteLock services through the partnership, but they were receiving a majority of the fees as of fiscal year 2014.

In the case of both of those facts, they were disclosed to investors, the ownership is disclosed in financials statements and the fee breakdown was disclosed in a prepared remarks for an earning conference call. To the public those things have not been disclosed in the normal course of business. And a recent interaction we had with HostGator support on twitter show that isn’t just that they don’t go out of the way to disclose them, but are actively trying to hide those facts.

The interaction starts with this tweet from HostGator Support to a customer of theirs that doesn’t mention either of those items as reason why they are partnered or “suggest” SiteLock:

Its worth noting that when it comes to cleaning up a hacked websites, you would do things the same way no matter the web host, so working well with their service is explanation that doesn’t make much sense for hack cleanups. It also worth noting, as we did before, that HostGator doesn’t make it easy to properly clean up hacked website since log files are not stored for a sufficient amount of time be default. If this was a real partnership and SiteLock actually properly cleaned up hacked websites, we would expect that issue would have been resolved a long time ago.

We sent a reply to their customer mentioning the CEO connection:

In turn HostGator starts to obfuscate (due to the limits of tweet length our tweet had not had made the distinction that the CEO in question, was of Endurance International Group, but it is clear in the linked post)

We then sent a reply clarifying that and they replied:

At that point we said that we hope they would start to disclose the true nature of their partnership:

Which in turn lead stating they could not confirm that, despite those being facts that their parent company has already confirmed (otherwise we wouldn’t know them):

At this point, they claim they can’t confirm they are getting paid:

It is one thing for them to not mention what is going in the normal course of business, but to actual being unwillingly to tell the truth is pretty telling as to what is going on.

The conversation ended after we pointed out that we were not asking them to confirm anything, just disclose what we both already know to be true:

What To Do If You Get Contacted by HostGator or SiteLock About a Hacked Website

One of the bad practices we have seen from SiteLock is to claim that website are hacked when they are not, so if you get contacted by either of them with claim that the website is hacked you should get a second opinion. We are always happy to provide a free consultation on how to best deal with a hacked website, which includes double checking as to whether the reason the website is believed to be hacked does in fact make sense (often times other issues are confused with actually hacking issues and that can usually easily recognized by someone who deals with hacked website on a regular basis).

Considering how bad of a job SiteLock has been doing with cleaning hacked websites as of just the last month and their bad practices you would probably be best off avoiding them when you are dealing with a hacked website. You also might want to consider moving to a web host that doesn’t partner with SiteLock, as that partnership seems like it is pretty clear warning of how they treat their customers and a lack of concern for security.

A Better Alternative to SiteLock
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website if it is truly hacked or if isn't we will help you to get the issue resolved for free.

Before you do anything else though, you should check out our post on what you should know when you get contacted by or about SiteLock.

Leave a Reply

Your email address will not be published.