When it comes the really bad practices of the web security company SiteLock, they often involve their partnership with various web hosts. Considering that long ago we had seen that SiteLock didn’t seem to very good at handling security, whether it be not properly cleaning up hacked websites or not doing a basic security check before declaring a website secure, we had long assumed that these partnerships were not based on the web hosts believing that SiteLock was the best company to best help their customers, but instead based on the web hosts being paid to push their services. Those payments, it turns out, are happening, but they tell only part of the story of the partnerships with some of the web hosts.
Last month while looking for some other information about SiteLock we can across the fact that the companies majority owners also are the CEO and a board member of the web hosting company Endurance International Group. That companies does business under the brand names A Small Orange, Bluehost, FatCow, HostGator, HostMonster, iPage, IPOWER, and many more.
Through that we also found that in the case of Endurance International Group, not only were they getting paid for the sales of SiteLock services through the partnership, but they were receiving a majority of the fees as of fiscal year 2014.
In the case of both of those facts, they were disclosed to investors, the ownership is disclosed in financials statements and the fee breakdown was disclosed in a prepared remarks for an earning conference call. To the public those things have not been disclosed in the normal course of business. And a recent interaction we had with HostGator support on twitter show that isn’t just that they don’t go out of the way to disclose them, but are actively trying to hide those facts.
The interaction starts with this tweet from HostGator Support to a customer of theirs that doesn’t mention either of those items as reason why they are partnered or “suggest” SiteLock:
@andyschwartz Sitelock is a trusted partner of ours, we suggest Sitelock because they do work well with our services.
— HostGator Support (@HGSupport) October 10, 2016
Its worth noting that when it comes to cleaning up a hacked websites, you would do things the same way no matter the web host, so working well with their service is explanation that doesn’t make much sense for hack cleanups. It also worth noting, as we did before, that HostGator doesn’t make it easy to properly clean up hacked website since log files are not stored for a sufficient amount of time be default. If this was a real partnership and SiteLock actually properly cleaned up hacked websites, we would expect that issue would have been resolved a long time ago.
We sent a reply to their customer mentioning the CEO connection:
@andyschwartz @HGSupport What HostGator didn't mention to you is that their CEO is also one of SiteLock's owners https://t.co/X1L52iiKI9
— White Fir Design (@whitefirdesign) October 10, 2016
In turn HostGator starts to obfuscate (due to the limits of tweet length our tweet had not had made the distinction that the CEO in question, was of Endurance International Group, but it is clear in the linked post)
@whitefirdesign Hostgator has it's own CEO, who does not own Sitelock.
— HostGator Support (@HGSupport) October 10, 2016
We then sent a reply clarifying that and they replied:
@whitefirdesign Thank you for that clarification.
— HostGator Support (@HGSupport) October 10, 2016
At that point we said that we hope they would start to disclose the true nature of their partnership:
@HGSupport Hopefully you will start disclosing that relationship and that you get paid when SiteLock services are sold to your customers.
— White Fir Design (@whitefirdesign) October 10, 2016
Which in turn lead stating they could not confirm that, despite those being facts that their parent company has already confirmed (otherwise we wouldn’t know them):
@whitefirdesign We thank you for your feedback, we cannot confirm this as fact, so we will offer no comment to your claim. We apologize.
— HostGator Support (@HGSupport) October 10, 2016
At this point, they claim they can’t confirm they are getting paid:
@whitefirdesign Your asking us to confirm Hostgator gets paid, by Sitelock, and unfortunately we cant do that. We apologize. We do trust EIG
— HostGator Support (@HGSupport) October 10, 2016
It is one thing for them to not mention what is going in the normal course of business, but to actual being unwillingly to tell the truth is pretty telling as to what is going on.
The conversation ended after we pointed out that we were not asking them to confirm anything, just disclose what we both already know to be true:
@whitefirdesign We appreciate your feedback. We can offer you no other comment at this time.
— HostGator Support (@HGSupport) October 10, 2016
What To Do If You Get Contacted by HostGator or SiteLock About a Hacked Website
One of the bad practices we have seen from SiteLock is to claim that website are hacked when they are not, so if you get contacted by either of them with claim that the website is hacked you should get a second opinion. We are always happy to provide a free consultation on how to best deal with a hacked website, which includes double checking as to whether the reason the website is believed to be hacked does in fact make sense (often times other issues are confused with actually hacking issues and that can usually easily recognized by someone who deals with hacked website on a regular basis).
Considering how bad of a job SiteLock has been doing with cleaning hacked websites as of just the last month and their bad practices you would probably be best off avoiding them when you are dealing with a hacked website. You also might want to consider moving to a web host that doesn’t partner with SiteLock, as that partnership seems like it is pretty clear warning of how they treat their customers and a lack of concern for security.
A Better Alternative to SiteLock For Cleaning Up a Hacked Website
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website.
Here’s what’s happened to me recently:
I’ve not had the issue of a site being blocked, or reported as having malware, when it doesn’t.
I HAVE, however, had malware on a site, and in order to get it back up, Hostgator support suggested sitelock to prevent future attacks, blah, blah, blah.
Recently my subscription to sitelock ran out. I have only 2 months of my hosting left,and sitlock is only available for 1 year. I was short of money, and figured I would probably be okay for 2 months. right as the subscription ran out ym main site got infected. Hostgator support said I need sitelock.
I cleaned the site myself, shut ddown the back doors, changed my passwords, scanned the site, clean.
Lo and behold, within a week of my subscription expiring, 4 of my sites get the same malware infection. I clean it, remove the backdoors, change my cpanel password, and replace any JS files that are pushing people to another site. They immediately come back within an hour or two, again, on the same sites.
Hostgator support have been repugnant. I just so happened to get the same first agent again, who told me ‘I talked to you a while ago, and you should’ve done what I told you to.’
I’ve even been told at one point they would ‘look into it, and get back to me by email’, and NO TICKET was generated. 12 hours later, I ask another agent why, and if generating a ticket is still procedure, she looks at my account, and says there’s no ticket been generated, and asks me why not!!
After another 90 minutes, nothing has been resolved, no ticket has been generated. I paid the subscription for the sitelock, just because I want my sites to be back up, and don’t have time to constantly watch them.
My conclusion, is that hostgator or sitelock, are infecting their own customer’s sites, and working against the customer, until you back down and buy sitelock.
I am 100% convinced this is happening. I will be moving to another hosting company ASAP.
probably someone not owned by the same company, maybe dreamhost, or siteground.
We deal with the cleanup of hacked websites hosted with HostGator all the time and have not had a problem with them being reinfected after being cleaned by us. What you are describing matches a situation where the website hasn’t fully cleaned up. If you miss parts of the hack or don’t determine how the website was hacked and fix that the issue can come back again and again, though often people get lucky and the hackers only hit the website once and move. Seeing as SiteLock doesn’t even attempt to properly clean up hacked websites, the current issue could ultimately trace back to that. That is why it is important to hire someone that will properly clean up a hacked website, so you don’t have ongoing issues like this.