When it comes to information on web security a lot of it is incredibly inaccurate. A lot of that comes from security companies, as can be seen by looking over many of the posts on this blog detailing some of the many instances of that happening. They are not alone in this, much of the information put forward by the public is wrong as well.
One area where we have been seeing that as well dealing directly with people making such claims, involve baseless or outright false claims about the web security company SiteLock and their web hosting partners. What makes this stand out is there is so much bad stuff about them that is true and yet you have people making untrue claims of bad things they are supposed to be doing, but are not.
In some cases the true problems and the false ones might be related. Recently we discussed yet another instance of SiteLock falsely claiming that a website contained malware, this time it involved a link URL for blog post comment that linked to an unregistered domain name. We often see and hear people claiming that SiteLock or their web hosting partner have hacked their websites. We have yet to see any evidence of that or any a plausible explanation of how someone came to the conclusion that had occurred. It seem conceivable that some of those claims involved websites that SiteLock falsely claimed contained malware and the owner believed that it was infected, but thought that SiteLock did it (that might sound odd, but it doesn’t based on some of the interactions we have had with people making the claims).
Recently we have seen and heard from a many people claiming that SiteLock and their web hosting partners are holding websites hostage, holding them for ransom, or are engaged in extortion.
What these seems to underlie this is people reading previous claims along the same lines or not paying attention to what they are being told.
The reality is that while SiteLock’s web hosting partners will often disable a website if they believe malware is on it (and they are not always right) there is no requirement that you hire SiteLock to clean up the malware, as we mentioned before. Here for example is the text that Bluehost (whose parent company does business under the names A Small Orange, FatCow, HostGator, iPage, IPOWER, JustHost, and quite a few others) explains what needs to be done to have the website turned back on:
You will need to review your files and clean the account accordingly by removing all malicious files, not just the reported url. Once you have confirmed your files are clean and no longer a threat, please contact us again to have your account reactivated.
In dealing with lots of website that are in this situation there has never been any issue with the website being turned back on when we have cleaned up the website instead of SiteLock.
We also haven’t seen any issue where people could not get the access needed to move their website before it has been cleaned up.
In cases where website have incorrectly been disabled and we were ask to take a look at the claim, we are not aware of any situation where the web host did not the turn back on the website after it was pointed out there was false positive that lead to disabling.
If you have a website that SiteLock or their web hosting partners are claiming is hacked what we suggest you do is to get any evidence they will provide you about the issue and then get a second opinion on the situation. We are always happy to do that for free and we hope that other security companies, who are certainly aware of what is going on, would do that as well.
Someone that knows what they are doing will usually easily be able to tell if the website is in fact hacked and needs to be cleaned. If it is hacked, you would probably be best off not hiring SiteLock to clean it because not only do they overcharge for the quality of service they provide (due in part to how much of the fee is going to their web hosting partners), but also because they don’t properly clean up websites.
A Better Alternative to SiteLock For Cleaning Up a Hacked Website
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website.
I am using HostGator and received a call two days ago from Sidewalk Website Security (affiliated with HostGator they said) informing me of a vulnerability. Have you heard of these folks? I do know on the cPanel there is a link to SiteLock. Thx.
Are you sure there wasn’t just some miscommunication, because Sidewalk and SiteLock are fairly similar sounding names and there is nothing that comes up when doing a search for Sidewalk Website Security? It would be a little strange that HostGator would start partnering with a company with a similar sounding name to a company they are already partnered with, especially when they are run by SiteLock’s owners.
definitely a scam with Ipage and Sitelock.
They report malware on sites that I once had but have long been closed as being the source of malware. They send you to Sitelock who wants $100.
I resisted. I insisted that a IPAGE show me the malware problems – all on deceased sites – and insisted that they show me how to clear them.
Two days later my active sites are still d0wn.
Collusion !
Depending on you what you mean by closed this might not be a scam at all, as if the files still exist then there certainly could be malware even if the website is closed.
A better path for dealing with this sort of situation then what you are describing would be to follow the recommendation at the end of our post.