Over two years ago we noted that SiteLock wasn’t doing a basic part of a proper hack cleanup: properly securing the website, which usually mainly involves making sure all of the software on the website is brought up to date. That situation hasn’t changed, as just about three months ago we were brought in to fix a website after a SiteLock cleanup had broken it. In that case not only had the software not been updated, but SiteLock had also failed to attempt to determine how the website was hacked. If they had done that, they would have spotted that part of the cause of the hack was that one of their web hosting partners, GoDaddy, allowed remote access to databases that were set not to allow it. When you consider that SiteLock often charges $300 for a cleanup, which is more than we charge for many cleanups where we do those things, their customers are really getting ripped off.
It turns out that SiteLock doesn’t recommend using their one-time hack cleanup service, not because they are not doing things properly, but so they can charge customers even more money and keep charging for something that should have a one-time cost.
In a complaint with the BBB (https://www.bbb.org/phoenix/business-reviews/internet-services/sitelock-llc-in-scottsdale-az-1000018625/reviews-and-complaints) one of their customers describes the situation:
After my business website was hacked on or before December 29, 2015, I was advised by my web hosting company to contact its security partner, Sitelock. Sitelock offered me two options: a one-time cleaning for $300, or cleaning plus monitoring for $90/month.
I was again told I chose the wrong product (he said they don’t recommend the $300 cleaning to anyone).
So instead of paying $300 for a low-quality cleanup, SiteLock wanted the customer to pay $1080 a year for monitoring and continuous cleanups. There are multiple issues with that. Some of those revolve around the reason they recommended against the one-time cleanup:
I was then told I chose the wrong product (the $300 cleaning) because I had an active hacker who went right back to work on my site.
A proper one-time cleanup should prevent the active hacker from getting “right back to work on my site”. But if you don’t determine how the website was hacked and fix that (websites don’t just get hacked, something had to have gone wrong for that to occur), and make sure the website is otherwise secured, then it isn’t surprising that a hacker could get back in.
Since SiteLock’s continuing service doesn’t do those things either, the best they can do is to keep detecting that the hacker has accessed the website and clean things up after the fact. Having a hacker repeatedly get access to your website is not something that should be happening, even if it could be quickly cleaned up each time. What if a hacker gets access to customer data? Once that has been taken, a SiteLock cleanup won’t undo it. There is also the issue that SiteLock doesn’t exactly have the best track record of detecting hacks, so they might not even spot what is going on to clean it up.
If you are spending $1080 a year on security, it would be better spent on things that would actually prevent the website from being hacked. SiteLock doesn’t provide a service that does those things (probably because it would require actually doing a lot of work).
Based on all that you might not be surprised to hear that the one time cleanup done on that website had another problem. The website was messed up, which SiteLock excused based on this:
The hack affected many of the core platform and theme files (985 files total – attached). The site’s appearance after the… clean had been completed was due to the compromised core and theme files.
A proper hack cleanup would have properly fixed the compromised files, so you wouldn’t be left with a website with appearance issues (that was also one of the issues with the GoDaddy-hosted website mentioned earlier and with an earlier instance involving a GoDaddy-hosted website).
At this point you might be wondering why this person’s web host had a security partnership with SiteLock, considering how bad they are. The reason at some web hosts is in part that SiteLock’s owners also run the web hosts (something that web hosts don’t acknowledge publicly), and the other big reason is that the web hosts get a significant amount of money for pushing SiteLock services. One of the web hosts disclosed that they get 55% of the revenue from SiteLock services sold through the partnership. In the case of that ongoing service, that would work out to $594 a year, without requiring them to do any work. The one-time cleanup would get them $165. If you do have a hacked website and are getting pushed to SiteLock, beyond obviously avoiding them, you should take a look at a previous post we wrote that goes into more detail as to what you should know in that situation.
A Better Alternative to SiteLock For Cleaning Up a Hacked Website
If your web host is pushing you to hire SiteLock to clean up a hacked website, we provide a better alternative, where we actually properly clean up the website.