We Provide A Better Alternative If Your Web Host Is Pushing You to Hire SiteLock
If your web host is claiming that your website contains malware or is otherwise hacked and pushing you to hire SiteLock to clean it up you should know that your web host is not putting your interests first and your website may not even be hacked.
The reason that your web host is pushing you to use SiteLock isn't because they are the best company to help you, but instead it looks to be largely because the web host is getting a significant amount of money to do so. One major web hosting company, the Endurance International Group (EIG), which provides web hosting under quite a few names including A Small Orange, Bluehost, FatCow, HostGator, HostMonster, iPage, and IPOWER, disclosed to investors that they receive 55% of the revenue from sales of SiteLock services through their partnership. What seems telling about this is that the company doesn't tell their customers of this financial relationship or that the people running EIG also are the majority owners of SiteLock when recommending SiteLock or will even publicly acknowledge those things.
With the amount of money the web hosts can make off of this, it seems to have made them willing to shut off access websites based on claims by SiteLock without confirming that they are hacked. We have seen many situations where a quick check would have shown the website was not hacked, but neither SiteLock nor the web host did that before access to the website was restricted. In other instances we have seen web hosts make claims that website are hacked, without any evidence to support that, such as the person that was told that there was malware on their website and they should spend $1,200 a year to protect it based on false information from a phishing email that the customer had received. As detailed in a recent Forbes article, SiteLock will even make rather blatant false claims about the security of websites. So it is important to make sure that the website is in fact hacked before you hire SiteLock or anyone to clean it up, unless you want to potentially spend hundreds of dollars needlessly. No company should take your money before checking things over to make sure it is hacked.
With that much money going to your web host instead of the company actually doing the clean up, it shouldn't be surprising to hear that quality of the cleanups done by SiteLock is not in line with money being spent. Instead what we have seen when we are brought in to properly clean things up after them, is they are failing to do two of the three basic components of a proper cleanup. Those being making sure the website is secured (which usually mainly involves updating the software on the website) and determining how the website has been hacked. If the source of the hacking isn't determined then the vulnerability may still exist on the website, leading it to getting hacked again (about half of our hack cleanup business comes from people that hire us to re-clean a website after it was previously cleaned by someone that didn't even try to determine how the website was hacked). SiteLock has actually pointed to a failure to do those things as leading to websites being reinfected, but still doesn't do them.
In some cases the end result of SiteLock's work is even worse; on our blog we have documented a couple of times we were brought in after websites that were cleaned by SiteLock on GoDaddy's recommendation ended up broken.
While web hosts that have partnered with SiteLock will strongly push them, if you ask them directly they will tell you that you don't have to use SiteLock. They are a lot of other providers out there that provide a low quality hack cleanup service like SiteLock does, so you can spend a lot less to get that level service. If you want things done right and your website properly secured, we provide specialized services for cleaning up a variety of different web software properly, including:
- Revive Adserver (OpenX)
- Zen Cart
In many cases those services end up being cheaper then SiteLock's services despite us doing all of the things needed for a proper cleanup (it helps that a company that isn't involved in doing the work isn't getting a big cut of the fee).
If you get in touch with us about your website, you will be dealing with someone that actually deals with hacked websites instead of a commissioned salesman like you do with SiteLock. So we won't try to sell you on unneeded services or lock you in to a long term contract using misleading information (which if you agree to you, will find hard to cancel), instead our interest is in getting your website properly cleaned and secured in a timely manner. The first thing we will want to do is to make sure your website is actually hacked, as we have found that there are a lot of issues from both the web hosts and SiteLock claiming that websites are hacked when they are not. We don't charge anything to look into if the website is actually hacked (or to provide the rest of a consultation on how to best deal with the issue), so you may end up paying us nothing to get your issue resolved.
If you want to move your website to another web host that doesn't have a partnership with SiteLock, we will do the transfer for no additional charge over our normal price for just a cleanup.
If SiteLock is claiming that your website is insecure but not hacked, then our recommendation would be to ignore that claim unless SiteLock can provide you with evidence to back that up. While we don't recommend it (since the claim is likely is likely baseless), we can do a security review of the website for you in that situation.
If your websites is built on another content management system (CMS), blog, forum, cart, or gallery application that wasn't mentioned earlier please contact us through the button below, so that we can see what we can if we can assist you. If you have general questions please use that as well to get a prompt relevant response.