Logan Kipp

Hi @stratocaster,

Logan from SiteLock here. There are additional options available to you, I would suggest checking out the SiteLock Security WordPress Plugin as an option. If all you are looking for is malware cleaning and service, I believe the pricing inside the plugin will be more aligned with your expectations.

SiteLock has many partnerships with companies where custom plans are created based on the partners’ requirements and offered through their platforms, which can vary significantly in features (and therefore price). I hope that this helps to clear up any confusion around the matter.

With regard to your question about the “purged” website remaining hacked, keep in mind that once malware has intruded into your web environment, it would be a simple task to traverse between directories and spread. Even after cleaning the initial point of infection, there is a risk that the infection could spread once again if parts of the malicious software are missed.

If there’s anything I can do to further clarify on the SiteLock products, or answer any malware questions, please let me know.

@oliverrealize,

While what you’re describing sounds to be more of a SiteLock services review than a review of this software, the free WordPress plugin, we’d certainly like to know more about your situation. As I am not able to discuss account-specific information on this public forum, could you please email me directly at [email protected] with the domain name in question so that I can look into this further for you?

I have also sent you an email directly.

• This reply was modified 6 years, 2 months ago by Logan Kipp.

@vanillabean,

Back up your database first. This is very, very important.

@stevekeller,

I’m not with Wordfence but I get an alert when someone says SiteLock three times in a mirror (or on this forum) and thought I’d help point you in the right direction.

It looks like your site is currently suspended by your host. If that’s the only thing keeping your site from being up, ask them for a list of the infected files. They may have already put a convenient list in a TXT file in the webroot or /stats if you check your file manager. I’d strongly recommend against attempting to clean the website yourself if you don’t have a background in malware remediation, but you sound pretty determined. I hope this helps.

@rabsworld,

Logan from SiteLock here. @jnashhawkins is correct that this message is related to a lack of an SSL certificate in use on the login page. Many modern browsers now generate little alerts like this when they see that you’re sending sensitive information (e.g. username and password) over a plaintext (non-SSL) connection. SSL certificates enable to use of the secure HTTPS protocol, which encrypts the data you submit (user/password) in transit instead of sending them in plainly-readable condition. This is important because in this day and age, depending on how you’re connecting to the website, there is a possibility of an adversary eavesdropping this data and capturing it.

Using an SSL certificate is like putting all that important information in an armored truck for transport, versus a 1970 Lada. Sure, the Lada is tried-and-true, and a moniker in its own right, but in this day and age I would not recommend transporting bundles of valuables across the continent in it. It offers little in the way of modern security. In the same token, your browser does not recommend you transporting valuable data across the world using good old HTTP. It trusts HTTPS.

Your hosting provider most likely offers an SSL solution, you may wish to reach out to them.

• This reply was modified 6 years, 8 months ago by Logan Kipp.

@mighty-good,

Logan from SiteLock here. What I’ve taken from your post is that you believe that your existing SiteLock subscription doesn’t support SSL, which I’d like to help you out with. All of the SiteLock Scan plans HostGator offers support SSL, but the ‘Basic’ TrueShield product that they throw in as a bonus with the purchase of a ‘Find’ or ‘Fix’ level scanner does not support SSL. So to clarify, the scanner package you bought is good to go, it’s just that bonus CDN/WAF add-on they gave you needs to be upgraded from ‘Basic’ to ‘Professional’ or higher to support SSL. You can still use your current scanner plan without the TrueShield bonus add-on.

Here’s a link on the subject: https://www.hostgator.com/help/article/enable-sitelock-trueshield-and-truespeed

As far as “Wordfence v. SiteLock” goes, it’s a common misconception that we’re competitors. SiteLock and Wordfence are different types of solutions that are not mutually exclusive — many, many people use both simultaneously and I find that they compliment one another quite nicely. One is a cloud-based solution (SiteLock) and the other an endpoint solution (Wordfence), which are different approaches to application security that each have their strengths. You don’t necessarily need to choose one over the other.

I hope this helps you.

• This reply was modified 6 years, 9 months ago by Logan Kipp.
• This reply was modified 6 years, 9 months ago by Logan Kipp.
• This reply was modified 6 years, 9 months ago by Logan Kipp.
• This reply was modified 6 years, 9 months ago by Logan Kipp.

@mighty-good,

@gatoralanw really hit the nail on the head there. There’s only one product in HostGator’s SiteLock offering that does not support SSL, and that is the SiteLock TrueShield Basic WAF/CDN that is included at no additional charge with the ‘Find’ and ‘Fix’ Scan plans offered. In these cases you would want to upgrade the TrueShield tier to at least Professional for SSL support as @gatoralanw mentioned.

From HG link provided:
“SiteLock TrueShield Basic (The Web Application Firewall and Content Delivery Network included with both Find and Fix plans) is not compatible with the use of SSL for your site.”

As a final note, since in this single thread we’ve referenced two different hosting companies’ SiteLock offerings, I want to avoid any confusion from future readers. SiteLock has a number of different partners, each of which may have unique product and feature agreements with us, so troubleshooting steps may be different for other partner plans. As always, we encourage you to reach out to the partner for questions about which features are supported in their plans, or SiteLock directly for any issues with an existing SiteLock account.

• This reply was modified 6 years, 10 months ago by Logan Kipp.
• This reply was modified 6 years, 10 months ago by Logan Kipp.

@rogeralb,

Glad to hear this was resolved. If anything else comes up please don’t hesitate to reach out!

@rogeralb,

Logan from SiteLock here. To reiterate, SiteLock supports the Bluehost free SSL. It is apparent that you are experiencing a configuration issue that could use some attention. I would once again encourage you to contact SiteLock directly so that we can assist you with resolving this issue.

@wendy-garrity — I touched base with our Support team who have advised me that you were able to resolve this issue with them yesterday. Please let us know if there is anything else we can help you with.

@rogeralb — If you are experiencing any issues using free Bluehost SSL certificates with SiteLock services, we’d definitely love to help you get those resolved as well. Please reach out at your earliest convenience.

*Edited for typos.

• This reply was modified 6 years, 10 months ago by Logan Kipp.
• This reply was modified 6 years, 10 months ago by Logan Kipp.

@wendy-garrity,

Logan from SiteLock here. I can assure you that all paid SiteLock products are 100% compatible with SSL. We are a security company that strongly encourages all websites to use SSL certificates, with or without eCommerce or online forms. Just based on what I’ve read here, it sounds like your new SSL certificate simply needs to be uploaded to SiteLock’s servers. Each time your SSL certificate is renewed, typically Bluehost automatically installs it to your hosting server, and typically this is also transmitted to SiteLock automatically. For most Bluehost customers using SiteLock this is a completely seamless operation that requires no action because our systems do the heavy lifting for you. Clearly there is some reason the automatic integration did not complete this task. Without knowing the specifics of your hosting plan I couldn’t say why this was not performed automatically, but rest assured that this is something that can be resolved by contacting SiteLock Support.

I apologize for the long wait using SiteLock chat. Yesterday we observed Memorial Day here in the United States, which is a holiday often celebrated through the three-day weekend. There may have been reduced staff on the chat team as a result. I’ve reached out to you via email to ensure this gets addressed.

• This reply was modified 6 years, 10 months ago by Logan Kipp.
• This reply was modified 6 years, 10 months ago by Logan Kipp.

@licornstore,

The Risk Score module evaluates several hundred points of data regarding the complexity, composition, and popularity of your website and delivers an estimated risk based on these factors through the lens of an adversary. Items that would make you a more likely target (increased risk) include factors such as using outdated software, accepting credit cards on the website, or being immensely popular. Items that would decrease your risk score include the use of a web application firewall, keeping patches up to date, and minimizing the number of plugins/themes. These are just a few examples, among hundreds of other factors. I am unable to discuss account-specific information on this forum, but within the Risk Score section of your dashboard you can view some of the major factors used in calculating this score, as well as recommendations for minimizing risk.

@ronwisely,

Regardless of whether you choose to utilize the SiteLock service offered via HostGator, or any vendor at all, it’s important to understand how this happened. I would first like to reiterate what @wfasa mentioned, that this is almost certainly a breach due to vulnerable code rather than a compromised cPanel. When multiple websites are hosted within the same hosting plan, there is little to stop malware from spreading between them, as they share the same file structure. I’m glad to hear that you’ve been successful in removing the malware, your next steps should be to get a second set of eyes to verify that the website is clean, and track down the vulnerability or vulnerabilities that lead to this compromise in the first place. For these steps I do recommend utilizing professional services, as this can be a very involved process.

@licornestore,

It was a pleasure speaking to you on the phone today and completing the verification process. Please don’t hesitate to reach back out if you require any further assistance.

@licornestore,

Glad to hear this was resolved. Both the static badge on mobile as well as the floating badge on desktop appear to be working very nicely on my devices. Thanks for reaching out, feel free to let us know if anything else comes up.

Marking thread as resolved.