{"id":3506,"date":"2017-05-25T15:40:51","date_gmt":"2017-05-25T21:40:51","guid":{"rendered":"https:\/\/www.whitefirdesign.com\/blog\/?p=3506"},"modified":"2017-05-25T15:40:51","modified_gmt":"2017-05-25T21:40:51","slug":"sitelock-wants-you-to-believe-that-leaving-malicious-code-on-your-website-for-a-while-is-not-a-threat","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2017\/05\/25\/sitelock-wants-you-to-believe-that-leaving-malicious-code-on-your-website-for-a-while-is-not-a-threat\/","title":{"rendered":"SiteLock Wants You to Believe That Leaving Malicious Code on Your Website for a While Is Not a Threat"},"content":{"rendered":"<p>When it comes to the much-maligned web security company SiteLock, we hear many complaints, but the two we hear the most are\u00a0that they falsely label websites as being infected with malware (as <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2017\/05\/22\/sitelock-incorrectly-labels-spam-content-in-databases-as-malware\/\">we discussed in another post earlier this week<\/a>) and that they provide protection services that don&#8217;t end up actually doing much, if anything, to protect websites.<\/p>\n<p>One example of them not really protecting websites\u00a0is when their idea of protection is to try to detect that malicious code has been added to the website after it has been hacked.
What we would hope would be obvious is that if malicious code is getting on the website, it isn&#8217;t being protected in the first place, but it would appear that isn&#8217;t the case, considering they are not the only ones that market services along those lines as protecting websites.<\/p>\n<p>That this would protect a website is something they are\u00a0actively promoting, as can be seen in\u00a0these lines from a recent <a href=\"https:\/\/blog.sitelock.com\/2017\/05\/sitelock-unlocked-a-day-in-the-life-of-a-website-security-research-analyst\/\">post<\/a> on their blog:<\/p>\n<blockquote><p>Wyatt plays a key role in manually reviewing code that our SMART scan flags as suspicious. If the code is found to be malicious, he\u2019ll write new scripts for our scanners that are designed to automatically detect and remove malicious website code before any damage is done.<\/p><\/blockquote>\n<p>There are several issues with that.<\/p>\n<p>First, as we mentioned before, malicious code is getting on the websites in the first place.<\/p>\n<p>Second, if their scanner is able to flag it as suspicious (which <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2016\/02\/26\/sitelock-labels-website-as-secure-despite-being-very-dangerous-for-visitors\/\">isn&#8217;t a given<\/a>), it is still going to remain there unless code is written to be able to remove it, which delays removal for new code (which, based on the variety of code we see, is likely occurring frequently).<\/p>\n<p>The most galling part of it, though, is the claim that it will &#8220;remove malicious website code before any damage is done&#8221;. Unless the code\u00a0is removed immediately after it is added, the chances of it being removed before any damage is done are very small. Usually the code would start impacting visitors immediately, or the hacker would use it to take further actions right after adding it.
From what we can tell, it looks like they usually scan the files once a day, so the chances of it being removed immediately are also very small. One day is a long time for a website to be serving malicious code or for a hacker to take further actions.<\/p>\n<p>Where this becomes even more problematic is if the code is used to copy sensitive data off of the website, as once that has happened, removing the malicious code won&#8217;t\u00a0undo it.<\/p>\n<p>What makes this all so unfortunate is that just doing the <a href=\"https:\/\/www.whitefirdesign.com\/resources\/secure-your-website-from-hackers.html\">basics would keep many websites from being hacked<\/a>,\u00a0and those are things that SiteLock can&#8217;t or doesn&#8217;t provide in their services. Furthermore, just looking at SiteLock&#8217;s case studies <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2017\/05\/16\/sitelock-unintentionally-provides-reminder-that-they-dont-keep-wordpress-websites-secure\/\">shows their customers<\/a> are <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2016\/11\/10\/a-case-study-in-sitelock-leaving-a-website-insecure-while-labeling-it-as-being-secure\/\">not doing one of those things<\/a>.
We would guess that is in part due to their customers being misled by SiteLock into thinking they are providing protection for\u00a0their website that they are not.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When it comes to the much-maligned web security company SiteLock, we hear many complaints, but the two we hear the most are\u00a0that they falsely label websites as being infected with malware (as we discussed in another post earlier this week) and that they provide protection services that don&#8217;t end up actually doing much, if &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2017\/05\/25\/sitelock-wants-you-to-believe-that-leaving-malicious-code-on-your-website-for-a-while-is-not-a-threat\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;SiteLock Wants You to Believe That Leaving Malicious Code on Your Website for a While Is Not a Threat&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[39,125],"class_list":["post-3506","post","type-post","status-publish","format-standard","hentry","category-bad-security","tag-sitelock","tag-smart"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/3506","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=3506"}],"version-history":[{"count":4,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/3506\/revisions"}],"predecessor-version":[{"id":3511,"href":"https:\/\/www.whitefirdesign.co
m\/blog\/wp-json\/wp\/v2\/posts\/3506\/revisions\/3511"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=3506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=3506"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=3506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}