I had a similar experience with SiteLock (Host Gator) last month. I received an email and a call from sitelock saying that my website has malware. I was able to sanitized my website after watching one of your past videos. After listening to their pushy sales pitch I politely declined their service.
They are very pushy. So far I've only heard of this being an issue with Bluehost and Hostgator (which are now owned by the same company...another coincidence?) I'm glad you cleaned the site yourself. It's really not that hard once you know what the look for. And, if you get to your host's real support, they are helpful and give you a list of infected files. At least they have always done that for me.
@@wplearninglab hostgator support is worst when it comes to hacked site,they just redirected me to sitelock lol, didnt even try to answer if my site is hacked or how its hacked.
It's pretty crazy how frequently this happens with Sitelock. Just make sure the host you pick is not owned by EIG. Check out EIG on Wikipedia to see all the host's they own.
I've used Wordfence for a long time as well. I'm testing out an app new WP Security called WebArx right now. If it's any good I'll make video about it.
I just had this experience with Hostgator today. It makes no sense why someone would hack your site just to redirect it to some random site that looks like it's completely bugged out. It has happened a domain I used in the past, so it's definitely a routine that they do. These domains barely get any traffic at all, since they are new websites that still have their default template, yet they get hacked. Unbelievable.
Hi Greg, maybe it's all the EIG (I think that's them) hosts that have this practice? EIG bought BlueHost and HostGator and lots of other hosts. Seems like a good investigative reporter would be able to find a good story in here somewhere.
JustHost - is that a sister company to BueHost? Same story for me last year. Sites down, malware report, they told me the only solution was Sitelock I had no idea how to fix it myself but was alarmed at the whole process of being railroaded into ver expensive SiteLock. Instinct told me something was wrong, but I felt I had no choice. Minimum 6 months subscription..approx US$700. After the six month period, when trying to cancel the service, following the small print instructions (VERY SMALL print) they pressured me. I was obliged to phone them to cancel the service which was awkward given that I'm in Australia with a 12 hr time difference. I questioned why I needed to PHONE to cancel instead of sending email? During the termination conversation they gave me high pressure sales to remain. So I reckon that's why they insist on phone calls.
Hi Julia, Thanks for sharing your story. Railroading people like they do is a terrible business practice, but it's not illegal. But if they are the ones hacking our sites as well, then that is illegal, I think? Have the laws caught up to the internet age yet? At least now you know you can come here if it happens again, there are lots of people here including me and video tutorials on this channel that can help you clean up malware.
I'm so glad you posted a video about SiteLock as it had been something I have been skeptical about for quite some time. I have been using iThemes Security Pro but I am now also using WebARX for web security. The iThemes guys seemed to have nothing but good words to say about SiteLock though, I suppose out of professionalism. But this isn't the first time I hear about scammy practices from their part. And in regards to BlueHost, I moved away from them for similar reasons as well. There seems to be a lot of bloggers/affiliates that recommend them, and it's possible that it is because they pay them a higher commision than other hosting companies, such as SiteGround. Anyone is free to correct me on that one. I may not have all of the facts.
Hi Miguel, I'm trying WebARX out right now as well. I bought a license on AppSumo last week (I buy way too many AppSumo deals, lol. But they're always so good!) I don't think BlueHost pays higher commissions, but I do think they are more aggressive in reach out to the affiliates. BlueHost and HostGator have both reached out to me with affiliate deals, but I haven't promoted them. InMotion reached out to me as well (they are not an EIG company, not as of this writing anyway) and they offered my higher commissions than BH and HG. I like SiteGround too. I reached out to them yesterday to become an affiliate. If we can work something out I will definitely help promote their hosting. I've good experiences with them and here nothing but good things from others who host their sites there.
Hi, I just got my web hacked and I had the iThemes Sec Pro plugin. So totally useless! Now the only possible solution I have from iThemes is to pay 300 USD to sucuri... I was using ovh as hosting
Hi Miguel, that sucks! There are lots of ways sites are hacked. No single plugin can secure you from all attacks unfortunately. The two most common hack types are an unsecure host and outdated plugins, theme or WP core files. If you use shared hosting and a site in a different account but on the same server is hacked, they can hack your site too if the server is not secured properly by the host. No plugin can save you from that.
Had a similar incident like yours. Years of peace then wham. Plus I had just gotten a second site and it got hit also. I have never marketed them and the one has a really long sentence for a name. I'll be contacting the district attorney and attorney general to have them look into this. How do I get you video to clean malware off?
SiteLock claimed to have detected a virus/malware on my site after performing a scan from the server side in Hostgator. Problem is, my site is on a privately managed server, not Hostgator. When I pressed them on this, they hung up. Scam.
It happen to me... I have my account on bluehost, 2 days later sitelock calls me to offer the "solution" (after having for 5 years my site totally fine)
This happened to me yesterday, $299.88 per domain per year. I have backup from my websites but they don’t let me transfer domains until I pay them for all the domains for a year, no monthly available. What can I do?
I had BlueHost. I was talking to BlueHost tech support, when he told me I needed to go VPN. It was cheaper and faster. The way BlueHost tech explained it, It really sounded good. Cheaper and faster. I paid for and had the change started. Afterwards found out there was not any support. NONE. You had a problem, it was up to you to fix it. I tried to stop the migration. Told I was to late, the migration had already taken place. That was not right. Later I received an email, the migration actually took place 4 or 5 hours later, well after I tried to stop the migration. The next thing was, BlueHost backed up my sites everyday. That ran me out of storage. I bought more storage. Problem installing the additional storage. All my sites went down. 100%. BlueHost could not fix anything. It was either move the sites or leave all the sites down. Fortunately I had them all backed up and I moved them. I understand when I get bit by greed.
Hi Frank, Thanks for sharing your story. It sounds like a frustrating experience and definitely doesn't reflect well on BlueHost customer service. There is a 30 day refund period for their hosting, you would think that would apply to the VPN as well. Where did you move them if you don't mind me asking? And have any problems with your new host?
I moved 1 site to GoDaddy and the rest of the sites to other hosting. With GoDaddy I bought a hosting package that would allow unlimited sites. GoDaddy with out my knowledge enabled sharing which adds a script to the AMP files causing problems. GoDaddy also added a monitoring script to the root files of the site and a script at the bottom of the websites pages. Is there anyway to send you a file. When I turned sharing off, the same day had problems. I documented that problem and following problems. Take a huge amount of space, lots of screen shots. Is there anyway I can send you a file. Frank
Hi Frank, You can upload the screenshots in the Facebook (that you're part of) or you can send to my email address bjorn@wplearninglab.com Thanks for enrolling in the WP Security Action Plan by the way!
I had a similar experience with sitelock. After being hacked by them, I hired a developer to clean my site and moved my site to another company. I secured my site and soon I saw that sitelock tried to hack my site again. There were more than 30 attempts for brute force entry. SiteLock IP is reported as malicious on DNC and I am wondering how legal measures are not taken to stop their cybercrimes.
They did the same to me basically. After I cancelled and moved to a new host. I got emails, saying that there were attempts to access my email accounts and website login page
Sooooo this happened to me yesterday. I thought it was super weird why they kept asking me over and over again if I was a small business. I kept repeating no I am not. Do they have a memory span of a gold fish? I said, F IT. JUST DELETE IT ALL AND MY ACCOUNT. Sigh, maybe I shouldn't have been that hot headed, but I was SO angry why I can't do anything. I couldn't even get into my WP to make a backup. They "made one" for me but I haven't seen if it actually works.
You're welcome. Disabling it is probably for the best! There are lots of other ways to protect your site and they're cheap or free: iThemes, Wordfence, Sucuri.
Please can someone explain to me what may have happened last night? So this is how it started - one of my websites got suspended, I got in touch with Bluehost to figure out what was happening and the guy on the other end (who was confusingly from Sitelock) wanted to call me up right away (this eagerness to help was the first sign that sth wasn't right). He instantly sniffed out an amateur, said the charge for a manual cleanup would normally be $300, but he was willing to waive that for me, IF I was going to subscribe to their yearly security plan. I instantly sniffed out a scam artist! He was so slick, he was definitely a salesperson rather than a 'Security Specialist.' He wouldn't let me hang up and eventually brought down the price to $600 for the whole year. I said I'd get in touch if I needed their services and hung up. I was actually contemplating paying them the amount as they had hold of my websites (btw, while I was talking to him, my other site crashed), but I had the feeling this was a scam. That's when I came across this video, THANK GOODNESS! But how was I going to get my websites back? Was Bluehost going to hold it hostage till I gave in? BUT, about an hour later, the websites came back on again, MAGICALLY! I hadn't actually received any emails from Bluehost about why my account was suspended (apparently they are meant to do that), and if there were some other issues that made my website go down, why did the Sitelock guy convince me that it was definitely malware on my website? I'm really confused as to what happened. I'm so scared to even approach Bluehost in case they take off my website again (can they do that?). Is there still malware on my website? How do I check? What should I do next?
Now Bluehost created a file with all the malware dumped on my sites. I contacted BH chat and they route me automatically to Sitelock and for $30 x 6 months they will clean it for me. So I contact BH and ask them while they don't have a script that takes their malware.txt file and delete the files? No answer. Now given time and effort I could create that script, but shouldn't BH do it?
Hey Bob, Sounds like a frustrating situation. If you're on the basic BH shared hosting their support isn't the best (you get what you pay for). So that's not something they would do. What's further complicating the issue is that BH and Sitelock are both owned by EIG. It appears to me that EIG would rather have you pay money to Sitelock than provide good service at BH. Which isn't inherently bad, that's business. What's bad is if they're the ones planting the malware in the first place. Other hosts like WP Engine bend over backwards to help you with your website issues. But they're also much more expensive.
Well they contacted me again, 3rd time by phone. I got rather testy. I'm going to spend some time and write a script that imports the malware.txt file and deletes all the files listed. Stay tuned.......I'll make the code public. @@wplearninglab
I think what is most annoying is BH's total lack of telling me what happened. Yes, it is a shared server, so the entry point to the hacker might not have been me. How am I going to guard or fix that open back door? Can't.
Thank god for this video. I have exactly the same issue - like literally word for word how you described it. Knowing now im not alone I am a beginner at WP and do not know where to begin in 1. cleaning the "bad files", and 2. Preventing this from happening again, hopefully without purchasing a "recommended $70 a month" protection plan from Sitelocker. Would someone from here please guide me through this so I can get my website blog back online. Thanks
It’s always nice to find out you're not alone! Here’s a tutorial on how to fix a hacked site. th-cam.com/video/ptmkId3_52M/w-d-xo.html Here’s a playlist on WP security. th-cam.com/play/PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG.html Also check out the private WPLearningLab FB group for help: facebook.com/groups/wplearninglab Let me know if those help!
Something very similar happened to me earlier this year. My site had been hacked, I contacted Bluehost via chat but discovered after giving my details over I was actually chating to Sitelock who wanted to charge a load of money for cleaning my site! I decided to completely dump the site and start with a new web host provider. I continued to get emails from Sitelock but ignored them.
Hey Jeremy, Thanks for sharing your story! This appears to be Sitelock's MO. I wonder if it's related to the big conglomerate (EIG I think) that buys hosting companies. They bought Bluehost and Hostgator and many others. Heaven forbid you're hacked again, but if it happens, check out this hack clean-up tutorial: th-cam.com/video/fyWEohiGtqY/w-d-xo.html&list=PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG&index=10 As long as you can get to your host's support (and not Sitelock) they will give you a list of compromised files and you can use that tutorial to clean up the hack yourself, for free, in not too much time. It'll probably take a couple hours the first time, but it goes faster after that. Mind if I ask which host you're with now?
Thanks for getting back. I had my suspicions about this at the time, but this certainly is a revelation. I'm with 1and1 at the moment who do seem generally a lot more willing & helpful than Bluehost ever were.
We are thinking of suing Sitelock, HostGator, and/or EIG in relation to their reporting of phishing malware on our website and their "offer" to help us eliminate it. We have an attorney and have hired a professional internet security cleaning company in this regard. We do not need money from you, but we would like to know if any of you have been affected by similar actions of these companies and want to join us as plaintiffs in a lawsuit. If so, please private message me.
I had a very similar experience about a year ago. I ended up paying Sitelock. Before I did that Bluehost were telling me they were fixing the problem, and convinced me to pay for a three year subscription that would save me money. As soon as I did that my site went down again, and I got locked out of the back end and blacklisted on Google. Blue host chat told me I had no alternative but to pay a security firm to fix it. I went to Sitelock, thinking that because they worked with BlueHost I would get a quicker solution. Now I am too scared to cancel Sitelock because I might get hacked, and if I can't get in the back end, I can't fix it. I too will be moving my site as soon as I can afford to do so. (I am even a little afraid of posting this., in case they see it.)
WordPress Tutorials - WPLearningLab I have not had a problem since signing with Site lock except this week when I downgraded my plan. I had to contact Blue Host who had to redirect something. Didn't work the first time, so I contacted them again and then wait another 4hrs for it to "populate". It seems like the first operator either didn't do anything, or did it wrong. I don't have much faith in Blue Host.
Hi Carol, Changes to the DNS can take a while to propogate sometimes. Up to 24 hours in some cases, but only 15 minutes in most cases. Hopefully it'll be sorted soon!
It doesn't seem like a coincidence at all! I used to host all of my sites at Bluehost but their incredibly horrible support made me run away! I think that if Bluehost was a serious hosting organization would never allow being hacked any of their hosted websites TWICE in 12 hours. If they were a credible organization they would offer you an immediate recovery on their end completely free of charge, in order to "save" their business reputation. Now after your issue the only thing they succeeded is to make their client - You - to file compromised and furious. They deserve to make this case viral! Referring to Sitelock I think - from your description - that they have a "specific strategy" for making revenue! Finally, I believe that your websites had not been hacked initially but after your awful conversation with sitelock and Bluehost chat. Consider to take your work and move it to a more credible Hosting.
Hi Fotini, It does seem like too big of a coincidence and many other people have had similar experiences. Most shared hosts don't offer site hack recover because shared hosting usually very inexpensive which means there aren't great support options. I've found that general support at BlueHost and Hostgator sucks, but their Compliance and TOS support is very helpful and knowledgable. I think they put their inexperienced reps in general support. Which a lot of companies will do. I host my important sites with WPEngine. They're pricy but their fast and I've never had any security issues because they are very 'hands-on' in making sure your site's are safe. I'm currently testing an app called WebArx for site security that may be really helpful. It's currently on AppSumo, I'd you're familiar with them.
i dont feel it as a bad thing, my website was hacked 7 days after i created it, so if its hacked that means its insecure. I fixed it before the content went too big to re-invent, and very thankful about that (now have a backup local site as well.)
@@wplearninglab Hi, any recommended Anti DDOS service that is really effective ? SiteLock =( they don't even reply tickets until now they didn't setup the SSL
Generally if for some reason our website is not live. what are the best approaches in order to inform google about it. I think in development mode, but not sure. If you do not put your website on development mode than what google bot think may be 404 eror. Whats your opinion sir.
Hi Sartul, I would put it in development mode or put up a "coming soon" page. If your site is indexed in Google I would leave it up as it is. Duplicate it to your local machine (maybe using Flywheel: th-cam.com/video/nVi13qWdcvE/w-d-xo.html) or a development domain. Then replace the live site with the updated one when it's finished. If your pages are indexed in search engines, putting up a coming soon page will hurt your rankings and your traffic. I hope that helps and thanks for watching!
This just happened to me, though SiteLock asked for my phone number and I said no. But they still ended up calling me and emailing me (very similar to what was said in this video). I followed this video's suggestions and my hosting service was able to help me. And in maybe 12 hours or so, the site was compromised again. Though for me my site was sending SPAM. My first contact with hosting service tech support said " It seems like an application "phpmailer " is sending mass spam emails.". So now I'm on the hunt to figure out how to correct this issue.
Hi Dawn, Sounds like a frustrating experience, but you were thinking fast on your feet. Some people start paying Sitelock immediately to fix the issue. It sounds like there is code in your WP site files or on your server that is causing the issue. Delete the code and the problem is solved. But then you still have to thoroughly clean your site to make sure everything is clean. Most hosts are able to run a check to see if there is anything suspicious on the server. Then they'll give you the results to clean it up. If you still have access to your site you can try installing Wordfence and using their feature to compare the original WP files to your WP files to spot differences. That feature is one of the three I cover in this tutorial: th-cam.com/video/2F460uMt2JE/w-d-xo.html. You can also try to the Sucuri site check to see if that finds anything: sitecheck.sucuri.net/ I hope that helps :) Let me know if you have any questions. Thanks for watching!
@@wplearninglab Thank you! I contacted my hosting service, they scanned the site, found no problems and reactivated my site. I installed Wordfence and removed some plugins on my site just in case. I also checked it through Sucuri site check and all seems good there as well. Hoping it doesn't get taken down again. Fingers crossed. If it does, I might have to find a new hosting service. Thank you for your help and thank you for these videos!
Thank you so much Sir.... same thing happening to my 2 sites today... IDK how to fix this.. 2 sites are down... site lock keeps asking pay them 70$ per one site :)
Hi Rohan, Check out these hack clean up tutorials: 1. th-cam.com/video/ptmkId3_52M/w-d-xo.html 2. th-cam.com/video/fyWEohiGtqY/w-d-xo.html Let me know if those work!
Hey man, I am facing the same crap. I have hostgator as my host and I kid you not I have been trying to get the malware off my website for the past month. I am always having to live chat with them and each time the agent I am speaking with tells me something different. I went from needing a 71.88$ sub to a 299.99$ sub in less than 10days. I am going crazy, I wont pay that much money for sitelock to keep making me pay more in the future.
I'm not saying its Bluehost, but ... I inherited a customer when their site was hacked and filled with malware. Some months later Bluehost blocked the site again as it had been hacked again, which took three days to unblock. Some months later all the user account passwords were changed and I had to reset them using MySQL.Some months later the domain registration (also with Bluehost) was transferred to a scammer. Bluehost claim this was at the request of the customer, but refused to provide any evidence of this (due to "confidentiality"). The domain could not be recovered, the customer blamed me for all the problems and went elsewhere. I was using best practice security and have not had problems like these with any other hosting provider. Google 'bluehost hacked'. Thanks for the heads up about Sitelock.
Hey Paul, That sounds like a frustrating experience. The hacking and re-hacking is pretty common because of tricky 'backdoors' hackers will leave and access at a later date. What's most concerning is the domain transfer. Malware on a website can't initiate that, that requires access to the BlueHost cPanel account. It's unfortunate that the client left, but it sounds like it's less headache for you this way...
Hi Bjorn, it was frustrating. Original site had been set up by a student and left to customer, who did nothing - no wonder they were hacked. But everything after that was very strange. I wiped the site, changed all the passwords and started again, so no back doors. And the domain transfer was both suspicious and scary. The domain had not expired; either Bluehost were conned by the scammers impersonating the customer or some sort of fraud occurred - it was impossible to tell. Either way, it was not a good look. They were a good customer, just very naive about IT. Thanks
This happened to me yesterday. I’m with hostmonster. And all of my websites are down and they say all of them have been infected. At the same time? No. They are scamming us.
I got an email yesterday from SiteLock saying my they found malware on my website and they can fix it. There's one problem, I took my website down a year and a half ago... SCAM?
I just signed up with bluehost and unchecked the bock from sitelock, and then looked at my receipt, they added it onto my account against my will and it just says free next to it. Should I switch to a different hosting company?
Same thing happened to me today. My site was not even live, I was building it and it got a malware. Like you, I chatted to whoever I thought was Bluehost but it was sitelock. The guy introduced himself has sitelock though. I will cancel the subscription and get my site some place else
@@wplearninglab I reached out to siteground on their chat and am planning to transfer the site to them. Thanks a lot for your videos, I wish I had seen them before, I would have never registered with Bluehost!
I used sitelock before a long time ago I don't think it was them, the way to check for that is easy, just put up a basic site and only have default plugins of wordpress or take them out and use only sitelock and see if it happens.
NOT a coincidence - OMG this is almost an EXACT play by play of what has happened to me. but with Netfirms & Sitelock. I've been saying this for years and every time! I was tempted to screenshot my chat with me host! Damn it, next time. Cause this happens like CLOCKWORK everytime i decline or cancel a service.
I'm not a lawyer, so I'm probably using the wrong term, but it seems like ransom or extortion. And it doesn't seem legal, unless the host discloses that this will happen in their terms of service that you have to agree to before you sign up. Even if they disclose it, it doesn't seem legal.
Forget shared hosts, switch to aws, its free. And setup isnt hard, just use Bitnami wordpress Image (very good security practices and lots of videos available for setup). Its also hugely faster than shared hosts. Use cloudflare(free) over that it will cache ur site to cloud and also protect it from ddos. Also, use wordfence and ithemes security plugins on the top of that. Fix permissions for htaccess (444) and wp-config (444) and others that ithemes security plugin recommends and disable xmrpc.php (all options are available in that plugin). You are good to go in this scary world. Free version of plugins are enough so don't worry. Remember, getting hacked is a part of learning, so don't panic and instead be thankful that the hacker found a vulnerability too early for you to fix it.
I had a similar encounter last year, just after subscribing to one of the plans for 4 websites, my accounts where hack. When I contacted Bluehost, they referred me to Sitelock and they requested me to upgrade my plan for an exorbitant fee. I expected a hacker to demanding for a fee but here it was Sitelock and I concluded that they were the hackers, i canceled my subscriptions immediately except for one account.
I purchased a domain and was offer a free Sitelock trial on the Domain. I contacted Bluehost and all they wanted to talk to me about is Sitelock. They are holding my site hostage. They were so unhelpful! They are the absolute worst. Thank you Blue Host. I am leaving after over 10 years.
I literally have the registration form for gator filled with sitelock checked. Thought I'd just do a quick search. I'll look elsewhere after seeing this.
Man i just bought in to sitelock.....grrrr my site is being directed to some viagra bs site, did not know i could fix it myself, now im locked in for a a year contract, where are tour videos for future reference
Maybe you can still wiggle out if it? This playlist has security and hack cleanup tutorials: m.th-cam.com/play/PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG.html I hope that helps!
It is not a coincidence, Hostgator and Sitelock do the same hack trick on their customers as well. Just take a webhosting service that has no related Sitelock services and no such things happen.
I've had similar issues with Sitelock on my client sites via Network Solutions and Go Daddy. How bad is the hosting if Sitelock is claiming to find security issues every other week? And no matter how much you pay them monthly, it's never the correct plan that actually fixes any issues. Sitelock is either a total scam, or at the least unethical.
Hey Chris, her accent was American, her name is Antoinette and my caller ID shows the number coming from Phoenix Arizona, which could have been spoofed.
There's are companies that allows callers from other countries use US numbers. I get contacted every so often by scammers posing asa US business wanting to hire me. BTW I haven't liked BlueHost, Hostgator, etc since EIG bought them all out
Hi Kathy, I've encountered lots of thick-accented number spoofers that look like they're calling from the US. But this lady's English was great. Great English speakers can be found in other countries, but I don't encounter them often in these types of situations.
To be honest I am a little surprised and quite concerned if you don't know about EIG (Endurance International Group) or maybe you do. EIG is the borg that keeps buying up smaller hosting companies and then "normalizes" them in to it's crappy server farm, cuts back on the support and then upsells at every turn. They bought BlueHost in 2010 and own a couple dozen more. They also own a lice of Sitelock which is also an up sell scam. I roll with CloudWays for the most part and WPEngine or Flywheel for my bigger sites if needed. As much as I love these platforms if EIG were to buy them I would start moving my sites the next day regardless of the cost. But check for yourself... www.reviewhell.com/blog/endurance-international-group-eig-hosting/
Hi Tom, I do know about EIG, but not the whole story. I knew the owned BlueHost; they also bought HostGator. I had a feeling they had a slice of Sitelock (or owned it outright), but I didn't look into it. I use WPEngine for my important sites, Bluehost is an old hosting account that used to use, I kept it around for lower-tier sites and a couple clients who I give free hosting too there. But I'll be shutting that account down soon. Thanks for the link, I'm sure I'll learn a thing or two about EIG after I read it.
Had the same experience with Sitelock and Hostgator. They told me it was a malware attack and suspended my website and need to contact the security team then just found out that they just sent me to sitelock. their just getting money from us
But apparently, sitelock is a Blue Host contracted company. If they have the power to shut you down until you sign up for their ransom subscription, what can you do? COOKED DICE! I may have to look into creating my own domain web hosting company
Sitelock and BlueHost are both owned by EIG. EIG has a pretty bad rep in the hosting space. The best move is the avoid any host that is owned by EIG. Creating your own web hosting company actually isn't that difficult. You really just need three things: server space (from Amazon or Google or Linode or many others), a website (built with WordPress), and a way to automate the connection between your site and your hosting server (WHMCS is great for that).
Hii sir, my websites & domains are in Blue host. Lot of spam mails are getting daily . I contacted blue host tech team & sales team they people offering Sitelock security. Please can u suggest me which hosting is good trusted. Actually tomaro i ready to take Sitelock security. Just now I watched this video I won't take Sitelock security. Thankyou so much sir, Please give me reply & suggest plan which hosting is best one.
Their not reputable, I just had one of their former customers who moved away from the servers near a year ago. They called her up and were telling her that her files are infected. Files hmm on a host she has not been using for close to a year if not a year. Files coincidentally after finding they never closed the account they were asked last week to close and delete! Wanted money to clean up files that have not been active in a long time and are suppose to be deleted.
try to search (EIG) Endurance International Group, they own Bluehost and other hosting companies like Hostgator, etc. and guess what, they also own SiteLock. got the idea?
I am studying to be ethical hacker and they say all free vpn's are free for hackers to enjoy, so now we know to pay for vpn's or else. also the same I herd about free google drives, you may as well give everyone your password or not even with todays easy hacks I saw (not going to say them), but only a paid google drive is encrypted but the free one's not encrypted. everyone needs to be studying iot of things (devices of things connected online) check out everyones devices connected and it can be exploited
ditto, my site was deactivated. Chatting with bluehost support, they suggested I purchase bluehost Essentials at $20 more per month to scan and clean the website on a regular basis. Very dubious and bluehost should be sued. Anyone up for a class action law suit?
Just happened to me as well. Same as the video.... figured out I was talking to sitelock. She asked what I did and I told her honestly that I teach guitar. She then starts going into a bunch of techno-babble about cross-site-scripting attacks and open redirects and how if I have any HTML file on my site that those will show up as malware for sure. What she didn't know was that I was a developer for 12 years and was an IT project manager for 3 before I followed my happiness and taught music. I said, "you don't really know what any of that means do you?" she was quite for a second, I followed up with asking her, "what does HTML mean?", she stammered, I said "If what you said were true, then every website on the internet would be malware". I then let her know my background and she got very nasty. She said "well, I guess you know everything then don't you". I said "well, if I have a car problem, and I take it to a repair shop, I expect a mechanic to look at it, not the person behind the checkout counter. Do you actually have anyone there qualified to discuss a possible point of entry?". She responded, "well if I knew how to code I wouldn't be sitting here doing this job. You actually expect customer service to know how to code? Give me a break!". Needless to say, I ended the conversation there. I talked to bluehost and let them know how predatory this was and why am I being directed to sitelock when bluehost are the people I should be dealing with.
@@EnFuegoDuo wow so after fighting with bluehost for 3 days explaining thay I do not want SiteLock ever! and to unsuspend my account asap. Finally they re instate my account and allmy WordPress sites are disconnected from internet. I will be leaving them this week
I’m sure, as you are you, the ‘what do you do’ is a qualifying question to see if she can pull a fast one on you. What’s unfortunate is that people are recommended Bluehost by others, who probably mean well and have never encountered or heard of this problem. And nobody goes searching for a topic like in this video until after there’s a problem.
It's no coincidence. Now am not doubting at all they hacked my sites after they contacted me. This is a scam. Am moving my hosting from bluehost. And am blindly recommending them here in my country. Tweaaaaaa
Bro, sitelock hacked me bad... my site had 4 subdomains. I lost everything. The time and how it went about sure looks like it was hacked. I bought sitelock and it scan my site said it was clean. haha... I have a real mess.
god damn is this frustrating. I hope Hostgator and Sitelock go out of business as soon as possible. They've been extremely aggressive with the phone calls even after I told Hostgator to specifically not give them my phone number. I couldn't fix the issues myself so I hired someone to do it on fiverr for $5. All done no problem. 24 hours later there are new issues and I suspect it's the same issue others had in the comments. Absolutely incredible that these companies are allowed to behave this way.
This isn't a scam. This content creator just doesn't know how malware and malicious attacks work. I've worked for 6 major hosting companies... All scan their servers to make sure no one is hosting malware and if they do find hacked/malicious content will typically let the customer know and send a lead to a security company they are partnered with to help the customer get things fixed.
lol happend to me as well, and getting sitelock bot traffic in my site even after i switched to aws from hostgator. Guys, use wordfence for firewall and ithemes security for audit logs, changing login url, also block xmlrpc.php (option in ithemes security) Free versions are enough.
nope not paranoid. Happened to me almost verbatim, but with HostGator. avoid bluehost, hostgator, any EIG. I smelled a fish when HostGator starting pushing sitelock last October. Sites down, Cleaned it, 3 weeks later same, cleaned it 3 weeks later same. Then as you stated, I start getting calls "hi this Josh, from Sitelock we manage the security for your website...your site been infected etc. etc." "Urrrmmm, no you don't manage the security ELSE I wouldn't be getting this call" A. B."I've never signed up with nor payed you for said services" Then came the sales pitch...FFS, really? So now it's research time a simple "Sitelock Scam" in google was all it took. You're not alone Amigo. And +10000 for avoiding them or any host that partners with them. Not a plug but Siteground is not affiliated with them. Just spent the last four days moving all my clients sites over. Actually they do it for free , but won't turn it on until the files are clean. And they DO provide a list of files and the reason for the flag. Some were just crap file but some were needed so the it was a matter of removing the obfuscated PHP form each document, took days. Anyhow thanks for the post, I was googling above to send clients who have been down proof and ran across your video. Peace and Namaste
Below is an important screenshot. Went through the same thing for a few days now. Been on customer chat four times today, and once 3 days ago. Then, after wits end, I decided to check my spam folder, and low and behold Google, yes, Google even flagged Sitelock as Spam. I took a screenshot of it, and cancelled my Baby/Shared package at Hostgator. In an attempt to keep me from cancelling, I was redirected to talk to Customer Support. So, I did. I took a screen and shared it with them. My account is no longer suspended, but I still cancelled it. Screenshot: i.postimg.cc/xjvfCC55/Screen-Shot-2019-04-01-at-10-15-01-PM-copy1.png
@@wplearninglab Thanks. It's horrible. And none of this happened until we allowed Google to add ads. The Sitelock representative was like, "Now that you're making money, you need malware protection..." Now that my site is making money; and how would you know that Sitelock? So, I ended up using Filezilla and deleting all of my sites, and my server files. Just going to write something from scratch and not use any adspace on the sites.
SCAM!! "it turns out that EIG owns HostGator, BlueHost, a lot of the major hosting companies that sell hosting for pennies on the dollar, they also own “Site Lock” which they give direct referrals to from servers they don’t really monitor for security. If they do find something on the off chance their part time security team comes into work sober they probably refer them back to site lock which charges you a fee to cleanup and then further “monitor” your website, etc." whackers for hackers
I have thought that for years. I have been with bluehost for 8 years and never had a problem. Then all of a sudden site lock came along and all my sites are hacked.
Hey Frank, I’ve heard the same thing many times. It seems to me that sort of thing should be illegal. Or maybe it is and sitelock is too small of a fish for enforcement agencies to care about it.
Hi Bashar, Sorry for the delay. We just had our third baby and it's been a bit of a gong show around here 👶 Better un-sign up! I would steer clear of them.
@@wplearninglab thanks for your replay and a lot of kisses from me to the baby hhh yes i canceled the contract after i saw your video ,so thanks again for your advice.
No problem Bashar, good work. You still need site security though. If you're unsure where to start check out these two tutorials: IThemes security: th-cam.com/video/n0P3G1ZMETI/w-d-xo.html Wordfence: th-cam.com/video/2F460uMt2JE/w-d-xo.html I hope that helps and thanks for watching!
I had a similar experience with SiteLock (Host Gator) last month. I received an email and a call from sitelock saying that my website has malware. I was able to sanitized my website after watching one of your past videos. After listening to their pushy sales pitch I politely declined their service.
They are very pushy.
So far I've only heard of this being an issue with Bluehost and Hostgator (which are now owned by the same company...another coincidence?)
I'm glad you cleaned the site yourself. It's really not that hard once you know what the look for. And, if you get to your host's real support, they are helpful and give you a list of infected files. At least they have always done that for me.
@@wplearninglab hostgator support is worst when it comes to hacked site,they just redirected me to sitelock lol, didnt even try to answer if my site is hacked or how its hacked.
So what are you using instead to protect your site ?
WOW- WOW - WOW!! I'm experiencing the SAME thing! I'm moving over to another host. I can't believe this. I have NEVER experienced this before.
It's pretty crazy how frequently this happens with Sitelock. Just make sure the host you pick is not owned by EIG. Check out EIG on Wikipedia to see all the host's they own.
@@wplearninglab thank you so much. Joining your facebook group too. Have many questions lol
This happened to one of my clients earlier this spring - totally a scam! So slimey
Hi Teri,
Yeah, it is definitely not a great business practice. What goes around comes around...eventually!
JUST HAPPENED TO ME! This is exactly what I was saying!
Great info. It's a real warning to look out for scams. No Sitelock over here. I'm using Wordfence. Never had any problems with it.
I've used Wordfence for a long time as well. I'm testing out an app new WP Security called WebArx right now. If it's any good I'll make video about it.
Same thing happened to me TODAY with Host Gator. This is a systematic scam.
I just had this experience with Hostgator today. It makes no sense why someone would hack your site just to redirect it to some random site that looks like it's completely bugged out. It has happened a domain I used in the past, so it's definitely a routine that they do. These domains barely get any traffic at all, since they are new websites that still have their default template, yet they get hacked. Unbelievable.
Very interesting! Glad you posted this suspicion.
Hi Linda,
I feel like it's my duty. If even one person avoids the SiteLock's shenanigans it's well worth sharing.
This happened to me with HostGator! When I called HG I was transferred directly to Sitelock not HostGator! Amazingly similar situation.
Hi Greg, maybe it's all the EIG (I think that's them) hosts that have this practice? EIG bought BlueHost and HostGator and lots of other hosts.
Seems like a good investigative reporter would be able to find a good story in here somewhere.
JustHost - is that a sister company to BueHost? Same story for me last year. Sites down, malware report, they told me the only solution was Sitelock I had no idea how to fix it myself but was alarmed at the whole process of being railroaded into ver expensive SiteLock. Instinct told me something was wrong, but I felt I had no choice. Minimum 6 months subscription..approx US$700. After the six month period, when trying to cancel the service, following the small print instructions (VERY SMALL print) they pressured me. I was obliged to phone them to cancel the service which was awkward given that I'm in Australia with a 12 hr time difference. I questioned why I needed to PHONE to cancel instead of sending email? During the termination conversation they gave me high pressure sales to remain. So I reckon that's why they insist on phone calls.
Hi Julia,
Thanks for sharing your story. Railroading people like they do is a terrible business practice, but it's not illegal. But if they are the ones hacking our sites as well, then that is illegal, I think? Have the laws caught up to the internet age yet? At least now you know you can come here if it happens again, there are lots of people here including me and video tutorials on this channel that can help you clean up malware.
I'm so glad you posted a video about SiteLock as it had been something I have been skeptical about for quite some time. I have been using iThemes Security Pro but I am now also using WebARX for web security. The iThemes guys seemed to have nothing but good words to say about SiteLock though, I suppose out of professionalism. But this isn't the first time I hear about scammy practices from their part.
And in regards to BlueHost, I moved away from them for similar reasons as well. There seems to be a lot of bloggers/affiliates that recommend them, and it's possible that it is because they pay them a higher commision than other hosting companies, such as SiteGround. Anyone is free to correct me on that one. I may not have all of the facts.
Hi Miguel,
I'm trying WebARX out right now as well. I bought a license on AppSumo last week (I buy way too many AppSumo deals, lol. But they're always so good!)
I don't think BlueHost pays higher commissions, but I do think they are more aggressive in reach out to the affiliates. BlueHost and HostGator have both reached out to me with affiliate deals, but I haven't promoted them. InMotion reached out to me as well (they are not an EIG company, not as of this writing anyway) and they offered my higher commissions than BH and HG.
I like SiteGround too. I reached out to them yesterday to become an affiliate. If we can work something out I will definitely help promote their hosting. I've good experiences with them and here nothing but good things from others who host their sites there.
Hi, I just got my web hacked and I had the iThemes Sec Pro plugin. So totally useless! Now the only possible solution I have from iThemes is to pay 300 USD to sucuri... I was using ovh as hosting
Hi Miguel, that sucks!
There are lots of ways sites are hacked. No single plugin can secure you from all attacks unfortunately.
The two most common hack types are an unsecure host and outdated plugins, theme or WP core files.
If you use shared hosting and a site in a different account but on the same server is hacked, they can hack your site too if the server is not secured properly by the host. No plugin can save you from that.
Had a similar incident like yours. Years of peace then wham. Plus I had just gotten a second site and it got hit also. I have never marketed them and the one has a really long sentence for a name. I'll be contacting the district attorney and attorney general to have them look into this. How do I get you video to clean malware off?
Happened AGAIN to me last night. The rep in the chat wanted to "call to explain". I told him no.
SiteLock claimed to have detected a virus/malware on my site after performing a scan from the server side in Hostgator. Problem is, my site is on a privately managed server, not Hostgator. When I pressed them on this, they hung up.
Scam.
good for you that your site is on a privately managed server. and knew they were a scam right at the start
WOW! Thank you so much for the video. I also check youtube before buying anything! I just unchecked the buy SiteLock option!
It happen to me... I have my account on bluehost, 2 days later sitelock calls me to offer the "solution" (after having for 5 years my site totally fine)
It makes you want to move to a different host.
@@wplearninglab I am as soon as I can!!!
Good plan Lakia, just make sure it's not a host owned by EIG. Check out EIG on Wikipedia to see all the host's they own.
This happened to me yesterday, $299.88 per domain per year. I have backup from my websites but they don’t let me transfer domains until I pay them for all the domains for a year, no monthly available. What can I do?
I had BlueHost. I was talking to BlueHost tech support, when he told me I needed to go VPN. It was cheaper and faster. The way BlueHost tech explained it, It really sounded good. Cheaper and faster. I paid for and had the change started. Afterwards found out there was not any support. NONE. You had a problem, it was up to you to fix it. I tried to stop the migration. Told I was to late, the migration had already taken place. That was not right. Later I received an email, the migration actually took place 4 or 5 hours later, well after I tried to stop the migration. The next thing was, BlueHost backed up my sites everyday. That ran me out of storage. I bought more storage. Problem installing the additional storage. All my sites went down. 100%. BlueHost could not fix anything. It was either move the sites or leave all the sites down. Fortunately I had them all backed up and I moved them. I understand when I get bit by greed.
Hi Frank,
Thanks for sharing your story. It sounds like a frustrating experience and definitely doesn't reflect well on BlueHost customer service. There is a 30 day refund period for their hosting, you would think that would apply to the VPN as well.
Where did you move them if you don't mind me asking? And have any problems with your new host?
I moved 1 site to GoDaddy and the rest of the sites to other hosting. With GoDaddy I bought a hosting package that would allow unlimited sites. GoDaddy with out my knowledge enabled sharing which adds a script to the AMP files causing problems. GoDaddy also added a monitoring script to the root files of the site and a script at the bottom of the websites pages.
Is there anyway to send you a file.
When I turned sharing off, the same day had problems. I documented that problem and following problems. Take a huge amount of space, lots of screen shots.
Is there anyway I can send you a file.
Frank
Hi Frank,
You can upload the screenshots in the Facebook (that you're part of) or you can send to my email address bjorn@wplearninglab.com
Thanks for enrolling in the WP Security Action Plan by the way!
I had a similar experience with sitelock. After being hacked by them, I hired a developer to clean my site and moved my site to another company. I secured my site and soon I saw that sitelock tried to hack my site again. There were more than 30 attempts for brute force entry. SiteLock IP is reported as malicious on DNC and I am wondering how legal measures are not taken to stop their cybercrimes.
They did the same to me basically. After I cancelled and moved to a new host. I got emails, saying that there were attempts to access my email accounts and website login page
Sooooo this happened to me yesterday. I thought it was super weird why they kept asking me over and over again if I was a small business. I kept repeating no I am not. Do they have a memory span of a gold fish? I said, F IT. JUST DELETE IT ALL AND MY ACCOUNT. Sigh, maybe I shouldn't have been that hot headed, but I was SO angry why I can't do anything. I couldn't even get into my WP to make a backup. They "made one" for me but I haven't seen if it actually works.
Hey Max, it's definitely a frustrating situation. Do you mind me asking which host this happened on?
WordPress Tutorials - WPLearningLab Bluehost. Not sure where I will migrate to next. Probably A2
Thanks for the tip! I have used sitelock and now I am disabling it... :(
You're welcome. Disabling it is probably for the best! There are lots of other ways to protect your site and they're cheap or free: iThemes, Wordfence, Sucuri.
Please can someone explain to me what may have happened last night?
So this is how it started - one of my websites got suspended, I got in touch with Bluehost to figure out what was happening and the guy on the other end (who was confusingly from Sitelock) wanted to call me up right away (this eagerness to help was the first sign that sth wasn't right).
He instantly sniffed out an amateur, said the charge for a manual cleanup would normally be $300, but he was willing to waive that for me, IF I was going to subscribe to their yearly security plan. I instantly sniffed out a scam artist! He was so slick, he was definitely a salesperson rather than a 'Security Specialist.'
He wouldn't let me hang up and eventually brought down the price to $600 for the whole year. I said I'd get in touch if I needed their services and hung up. I was actually contemplating paying them the amount as they had hold of my websites (btw, while I was talking to him, my other site crashed), but I had the feeling this was a scam.
That's when I came across this video, THANK GOODNESS!
But how was I going to get my websites back? Was Bluehost going to hold it hostage till I gave in? BUT, about an hour later, the websites came back on again, MAGICALLY! I hadn't actually received any emails from Bluehost about why my account was suspended (apparently they are meant to do that), and if there were some other issues that made my website go down, why did the Sitelock guy convince me that it was definitely malware on my website?
I'm really confused as to what happened. I'm so scared to even approach Bluehost in case they take off my website again (can they do that?). Is there still malware on my website? How do I check? What should I do next?
Thanks sir I'm glad I watched this video please add more videos on this playlist sir
Hi Tomoya,
I'll be adding more as I encounter issues like this :)
Now Bluehost created a file with all the malware dumped on my sites. I contacted BH chat and they route me automatically to Sitelock and for $30 x 6 months they will clean it for me. So I contact BH and ask them while they don't have a script that takes their malware.txt file and delete the files? No answer. Now given time and effort I could create that script, but shouldn't BH do it?
Hey Bob,
Sounds like a frustrating situation. If you're on the basic BH shared hosting their support isn't the best (you get what you pay for). So that's not something they would do.
What's further complicating the issue is that BH and Sitelock are both owned by EIG. It appears to me that EIG would rather have you pay money to Sitelock than provide good service at BH. Which isn't inherently bad, that's business. What's bad is if they're the ones planting the malware in the first place.
Other hosts like WP Engine bend over backwards to help you with your website issues. But they're also much more expensive.
Well they contacted me again, 3rd time by phone. I got rather testy. I'm going to spend some time and write a script that imports the malware.txt file and deletes all the files listed. Stay tuned.......I'll make the code public.
@@wplearninglab
I think what is most annoying is BH's total lack of telling me what happened. Yes, it is a shared server, so the entry point to the hacker might not have been me. How am I going to guard or fix that open back door? Can't.
Thank god for this video. I have exactly the same issue - like literally word for word how you described it. Knowing now im not alone I am a beginner at WP and do not know where to begin in 1. cleaning the "bad files", and 2. Preventing this from happening again, hopefully without purchasing a "recommended $70 a month" protection plan from Sitelocker. Would someone from here please guide me through this so I can get my website blog back online. Thanks
It’s always nice to find out you're not alone!
Here’s a tutorial on how to fix a hacked site.
th-cam.com/video/ptmkId3_52M/w-d-xo.html
Here’s a playlist on WP security.
th-cam.com/play/PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG.html
Also check out the private WPLearningLab FB group for help: facebook.com/groups/wplearninglab
Let me know if those help!
Something very similar happened to me earlier this year. My site had been hacked, I contacted Bluehost via chat but discovered after giving my details over I was actually chating to Sitelock who wanted to charge a load of money for cleaning my site! I decided to completely dump the site and start with a new web host provider. I continued to get emails from Sitelock but ignored them.
Hey Jeremy,
Thanks for sharing your story! This appears to be Sitelock's MO. I wonder if it's related to the big conglomerate (EIG I think) that buys hosting companies. They bought Bluehost and Hostgator and many others.
Heaven forbid you're hacked again, but if it happens, check out this hack clean-up tutorial: th-cam.com/video/fyWEohiGtqY/w-d-xo.html&list=PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG&index=10
As long as you can get to your host's support (and not Sitelock) they will give you a list of compromised files and you can use that tutorial to clean up the hack yourself, for free, in not too much time. It'll probably take a couple hours the first time, but it goes faster after that.
Mind if I ask which host you're with now?
Thanks for getting back. I had my suspicions about this at the time, but this certainly is a revelation. I'm with 1and1 at the moment who do seem generally a lot more willing & helpful than Bluehost ever were.
I'm glad you found a good host. I've never used 1and1 and haven't heard much about them. I guess no news is good news 😄
We are thinking of suing Sitelock, HostGator, and/or EIG in relation to their reporting of phishing malware on our website and their "offer" to help us eliminate it. We have an attorney and have hired a professional internet security cleaning company in this regard.
We do not need money from you, but we would like to know if any of you have been affected by similar actions of these companies and want to join us as plaintiffs in a lawsuit. If so, please private message me.
Hi, May I ask how to secure the server from malware if we are not to use sitelock or other such services?
I had a very similar experience about a year ago. I ended up paying Sitelock. Before I did that Bluehost were telling me they were fixing the problem, and convinced me to pay for a three year subscription that would save me money. As soon as I did that my site went down again, and I got locked out of the back end and blacklisted on Google. Blue host chat told me I had no alternative but to pay a security firm to fix it. I went to Sitelock, thinking that because they worked with BlueHost I would get a quicker solution. Now I am too scared to cancel Sitelock because I might get hacked, and if I can't get in the back end, I can't fix it. I too will be moving my site as soon as I can afford to do so. (I am even a little afraid of posting this., in case they see it.)
Hi Carol,
Thanks for sharing your story. Are you unable to log into the backend of your site right now?
WordPress Tutorials - WPLearningLab I have not had a problem since signing with Site lock except this week when I downgraded my plan. I had to contact Blue Host who had to redirect something. Didn't work the first time, so I contacted them again and then wait another 4hrs for it to "populate". It seems like the first operator either didn't do anything, or did it wrong.
I don't have much faith in Blue Host.
Hi Carol,
Changes to the DNS can take a while to propogate sometimes. Up to 24 hours in some cases, but only 15 minutes in most cases. Hopefully it'll be sorted soon!
It doesn't seem like a coincidence at all! I used to host all of my sites at Bluehost but their incredibly horrible support made me run away! I think that if Bluehost was a serious hosting organization would never allow being hacked any of their hosted websites TWICE in 12 hours. If they were a credible organization they would offer you an immediate recovery on their end completely free of charge, in order to "save" their business reputation. Now after your issue the only thing they succeeded is to make their client - You - to file compromised and furious. They deserve to make this case viral! Referring to Sitelock I think - from your description - that they have a "specific strategy" for making revenue! Finally, I believe that your websites had not been hacked initially but after your awful conversation with sitelock and Bluehost chat. Consider to take your work and move it to a more credible Hosting.
Hi Fotini,
It does seem like too big of a coincidence and many other people have had similar experiences.
Most shared hosts don't offer site hack recover because shared hosting usually very inexpensive which means there aren't great support options.
I've found that general support at BlueHost and Hostgator sucks, but their Compliance and TOS support is very helpful and knowledgable. I think they put their inexperienced reps in general support. Which a lot of companies will do.
I host my important sites with WPEngine. They're pricy but their fast and I've never had any security issues because they are very 'hands-on' in making sure your site's are safe.
I'm currently testing an app called WebArx for site security that may be really helpful. It's currently on AppSumo, I'd you're familiar with them.
i dont feel it as a bad thing, my website was hacked 7 days after i created it, so if its hacked that means its insecure. I fixed it before the content went too big to re-invent, and very thankful about that (now have a backup local site as well.)
@@wplearninglab Hi, any recommended Anti DDOS service that is really effective ? SiteLock =( they don't even reply tickets until now they didn't setup the SSL
Generally if for some reason our website is not live. what are the best approaches in order to inform google about it.
I think in development mode, but not sure.
If you do not put your website on development mode than what google bot think may be 404 eror.
Whats your opinion sir.
Hi Sartul,
I would put it in development mode or put up a "coming soon" page.
If your site is indexed in Google I would leave it up as it is. Duplicate it to your local machine (maybe using Flywheel: th-cam.com/video/nVi13qWdcvE/w-d-xo.html) or a development domain. Then replace the live site with the updated one when it's finished.
If your pages are indexed in search engines, putting up a coming soon page will hurt your rankings and your traffic.
I hope that helps and thanks for watching!
This just happened to me, though SiteLock asked for my phone number and I said no. But they still ended up calling me and emailing me (very similar to what was said in this video). I followed this video's suggestions and my hosting service was able to help me. And in maybe 12 hours or so, the site was compromised again. Though for me my site was sending SPAM. My first contact with hosting service tech support said " It seems like an application "phpmailer " is sending mass spam emails.". So now I'm on the hunt to figure out how to correct this issue.
Hi Dawn,
Sounds like a frustrating experience, but you were thinking fast on your feet. Some people start paying Sitelock immediately to fix the issue.
It sounds like there is code in your WP site files or on your server that is causing the issue. Delete the code and the problem is solved. But then you still have to thoroughly clean your site to make sure everything is clean. Most hosts are able to run a check to see if there is anything suspicious on the server. Then they'll give you the results to clean it up.
If you still have access to your site you can try installing Wordfence and using their feature to compare the original WP files to your WP files to spot differences. That feature is one of the three I cover in this tutorial: th-cam.com/video/2F460uMt2JE/w-d-xo.html.
You can also try to the Sucuri site check to see if that finds anything: sitecheck.sucuri.net/
I hope that helps :) Let me know if you have any questions. Thanks for watching!
@@wplearninglab
Thank you! I contacted my hosting service, they scanned the site, found no problems and reactivated my site. I installed Wordfence and removed some plugins on my site just in case. I also checked it through Sucuri site check and all seems good there as well.
Hoping it doesn't get taken down again. Fingers crossed. If it does, I might have to find a new hosting service.
Thank you for your help and thank you for these videos!
Thank you so much Sir.... same thing happening to my 2 sites today... IDK how to fix this.. 2 sites are down... site lock keeps asking pay them 70$ per one site :)
Hi Rohan,
Check out these hack clean up tutorials:
1. th-cam.com/video/ptmkId3_52M/w-d-xo.html
2. th-cam.com/video/fyWEohiGtqY/w-d-xo.html
Let me know if those work!
Hi Rohan,
You can also check out Malcare ( wplearninglab.com/go/malcare001 ). It's way cheaper than SiteLock AND you manage it yourself.
I have a similar (almost identical situation) with Hostmonster and sitelock after an extortion email/bitcoin operation. Who is save to move to though?
Hey man, I am facing the same crap. I have hostgator as my host and I kid you not I have been trying to get the malware off my website for the past month. I am always having to live chat with them and each time the agent I am speaking with tells me something different. I went from needing a 71.88$ sub to a 299.99$ sub in less than 10days. I am going crazy, I wont pay that much money for sitelock to keep making me pay more in the future.
I'm not saying its Bluehost, but ... I inherited a customer when their site was hacked and filled with malware. Some months later Bluehost blocked the site again as it had been hacked again, which took three days to unblock. Some months later all the user account passwords were changed and I had to reset them using MySQL.Some months later the domain registration (also with Bluehost) was transferred to a scammer. Bluehost claim this was at the request of the customer, but refused to provide any evidence of this (due to "confidentiality"). The domain could not be recovered, the customer blamed me for all the problems and went elsewhere. I was using best practice security and have not had problems like these with any other hosting provider. Google 'bluehost hacked'. Thanks for the heads up about Sitelock.
Hey Paul,
That sounds like a frustrating experience. The hacking and re-hacking is pretty common because of tricky 'backdoors' hackers will leave and access at a later date.
What's most concerning is the domain transfer. Malware on a website can't initiate that, that requires access to the BlueHost cPanel account.
It's unfortunate that the client left, but it sounds like it's less headache for you this way...
Hi Bjorn, it was frustrating. Original site had been set up by a student and left to customer, who did nothing - no wonder they were hacked. But everything after that was very strange. I wiped the site, changed all the passwords and started again, so no back doors. And the domain transfer was both suspicious and scary. The domain had not expired; either Bluehost were conned by the scammers impersonating the customer or some sort of fraud occurred - it was impossible to tell. Either way, it was not a good look. They were a good customer, just very naive about IT. Thanks
LIke you say it's really impossible to tell what truly happened without good investigative tools and lawyers with subpoenas lol,
Like you said - but I understand. 😂
This happened to me yesterday. I’m with hostmonster. And all of my websites are down and they say all of them have been infected. At the same time? No. They are scamming us.
I got an email yesterday from SiteLock saying my they found malware on my website and they can fix it. There's one problem, I took my website down a year and a half ago... SCAM?
I just signed up with bluehost and unchecked the bock from sitelock, and then looked at my receipt, they added it onto my account against my will and it just says free next to it. Should I switch to a different hosting company?
Same thing happened to me today. My site was not even live, I was building it and it got a malware. Like you, I chatted to whoever I thought was Bluehost but it was sitelock. The guy introduced himself has sitelock though. I will cancel the subscription and get my site some place else
At least he was upfront about being with Sitelock. I recommend SiteGround, they're a great host and they're not owned by EIG :)
@@wplearninglab I reached out to siteground on their chat and am planning to transfer the site to them. Thanks a lot for your videos, I wish I had seen them before, I would have never registered with Bluehost!
Thanks for the info, am using siteground gogeek plan & the best hosting I ever use, awesome customer support....
I have most of my sites on Siteground now as well. They're great and the servers are fast.
I used sitelock before a long time ago I don't think it was them, the way to check for that is easy, just put up a basic site and only have default plugins of wordpress or take them out and use only sitelock and see if it happens.
NOT a coincidence - OMG this is almost an EXACT play by play of what has happened to me. but with Netfirms & Sitelock. I've been saying this for years and every time! I was tempted to screenshot my chat with me host! Damn it, next time. Cause this happens like CLOCKWORK everytime i decline or cancel a service.
I'm not a lawyer, so I'm probably using the wrong term, but it seems like ransom or extortion. And it doesn't seem legal, unless the host discloses that this will happen in their terms of service that you have to agree to before you sign up. Even if they disclose it, it doesn't seem legal.
It's been a year now. Do you still have the same strong feelings about your experience with SiteLock?
Just happened to me today with Netfirms
That sucks, did you sign up or get away before they talked you into a bad deal?
Forget shared hosts, switch to aws, its free. And setup isnt hard, just use Bitnami wordpress Image (very good security practices and lots of videos available for setup). Its also hugely faster than shared hosts. Use cloudflare(free) over that it will cache ur site to cloud and also protect it from ddos. Also, use wordfence and ithemes security plugins on the top of that. Fix permissions for htaccess (444) and wp-config (444) and others that ithemes security plugin recommends and disable xmrpc.php (all options are available in that plugin). You are good to go in this scary world. Free version of plugins are enough so don't worry. Remember, getting hacked is a part of learning, so don't panic and instead be thankful that the hacker found a vulnerability too early for you to fix it.
I had a similar encounter last year, just after subscribing to one of the plans for 4 websites, my accounts where hack. When I contacted Bluehost, they referred me to Sitelock and they requested me to upgrade my plan for an exorbitant fee. I expected a hacker to demanding for a fee but here it was Sitelock and I concluded that they were the hackers, i canceled my subscriptions immediately except for one account.
This is happening with me at the moment.
But also is happening over the last 9-10 months.
anybody familiar with shoper pro theme it's so complicated
I'm not familiar with it Latoya. There must be some resources if you Google it.
I purchased a domain and was offer a free Sitelock trial on the Domain. I contacted Bluehost and all they wanted to talk to me about is Sitelock. They are holding my site hostage. They were so unhelpful! They are the absolute worst. Thank you Blue Host. I am leaving after over 10 years.
I literally have the registration form for gator filled with sitelock checked. Thought I'd just do a quick search. I'll look elsewhere after seeing this.
Man i just bought in to sitelock.....grrrr my site is being directed to some viagra bs site, did not know i could fix it myself, now im locked in for a a year contract, where are tour videos for future reference
Maybe you can still wiggle out if it? This playlist has security and hack cleanup tutorials: m.th-cam.com/play/PLlgSvQqMfii7YSIzIPnLng0zDkGbvQTwG.html
I hope that helps!
It is not a coincidence, Hostgator and Sitelock do the same hack trick on their customers as well. Just take a webhosting service that has no related Sitelock services and no such things happen.
I've had similar issues with Sitelock on my client sites via Network Solutions and Go Daddy. How bad is the hosting if Sitelock is claiming to find security issues every other week? And no matter how much you pay them monthly, it's never the correct plan that actually fixes any issues. Sitelock is either a total scam, or at the least unethical.
It's still happening now to me!
HAPPENED TO ME TOO! Cancelling services with BlueHost.
What kind of accent did the Sitelock caller have and what was their name?
Hey Chris, her accent was American, her name is Antoinette and my caller ID shows the number coming from Phoenix Arizona, which could have been spoofed.
There's are companies that allows callers from other countries use US numbers. I get contacted every so often by scammers posing asa US business wanting to hire me.
BTW I haven't liked BlueHost, Hostgator, etc since EIG bought them all out
Hi Kathy, I've encountered lots of thick-accented number spoofers that look like they're calling from the US. But this lady's English was great.
Great English speakers can be found in other countries, but I don't encounter them often in these types of situations.
To be honest I am a little surprised and quite concerned if you don't know about EIG (Endurance International Group) or maybe you do. EIG is the borg that keeps buying up smaller hosting companies and then "normalizes" them in to it's crappy server farm, cuts back on the support and then upsells at every turn. They bought BlueHost in 2010 and own a couple dozen more. They also own a lice of Sitelock which is also an up sell scam. I roll with CloudWays for the most part and WPEngine or Flywheel for my bigger sites if needed. As much as I love these platforms if EIG were to buy them I would start moving my sites the next day regardless of the cost. But check for yourself... www.reviewhell.com/blog/endurance-international-group-eig-hosting/
Hi Tom,
I do know about EIG, but not the whole story. I knew the owned BlueHost; they also bought HostGator. I had a feeling they had a slice of Sitelock (or owned it outright), but I didn't look into it.
I use WPEngine for my important sites, Bluehost is an old hosting account that used to use, I kept it around for lower-tier sites and a couple clients who I give free hosting too there. But I'll be shutting that account down soon.
Thanks for the link, I'm sure I'll learn a thing or two about EIG after I read it.
Had the same experience with Sitelock and Hostgator. They told me it was a malware attack and suspended my website and need to contact the security team then just found out that they just sent me to sitelock. their just getting money from us
Wow
Wow this is something unbelievable.. I was thinking to use sitelock's service
But no wow forget it
Thanks man
the best thing I heard today
But apparently, sitelock is a Blue Host contracted company. If they have the power to shut you down until you sign up for their ransom subscription, what can you do? COOKED DICE!
I may have to look into creating my own domain web hosting company
Sitelock and BlueHost are both owned by EIG. EIG has a pretty bad rep in the hosting space. The best move is the avoid any host that is owned by EIG.
Creating your own web hosting company actually isn't that difficult. You really just need three things: server space (from Amazon or Google or Linode or many others), a website (built with WordPress), and a way to automate the connection between your site and your hosting server (WHMCS is great for that).
Hii sir, my websites & domains are in Blue host. Lot of spam mails are getting daily . I contacted blue host tech team & sales team they people offering Sitelock security.
Please can u suggest me which hosting is good trusted.
Actually tomaro i ready to take Sitelock security. Just now I watched this video I won't take Sitelock security.
Thankyou so much sir,
Please give me reply & suggest plan which hosting is best one.
Hey bro, same thing happened to me, I am thinking, that Bluehost is compromising people's site on purpose so that they buy Sitelock!
Their not reputable, I just had one of their former customers who moved away from the servers near a year ago. They called her up and were telling her that her files are infected. Files hmm on a host she has not been using for close to a year if not a year. Files coincidentally after finding they never closed the account they were asked last week to close and delete! Wanted money to clean up files that have not been active in a long time and are suppose to be deleted.
try to search (EIG) Endurance International Group, they own Bluehost and other hosting companies like Hostgator, etc. and guess what, they also own SiteLock. got the idea?
Thanks
You're welcome, thanks for watching! Let me know if you have any questions :)
That's scary, I'm staying far away from Sitelock. Thanks for the heads up
That's a good plan Jocelin. At least when you encounter them you know there is another way.
I am studying to be ethical hacker and they say all free vpn's are free for hackers to enjoy, so now we know to pay for vpn's or else. also the same I herd about free google drives, you may as well give everyone your password or not even with todays easy hacks I saw (not going to say them), but only a paid google drive is encrypted but the free one's not encrypted. everyone needs to be studying iot of things (devices of things connected online) check out everyones devices connected and it can be exploited
That's messed up!
No doubt, you have to watch your back these days.
Valuable video
Thanks Tomoya and thanks for watching!
I had the same bait and switch just happen. Hostgator / Sitelock.
Thanks for the share
You're welcome, thanks for watching!
They just hacked me, demanding to pay hostgator sitelock
ditto, my site was deactivated. Chatting with bluehost support, they suggested I purchase bluehost Essentials at $20 more per month to scan and clean the website on a regular basis. Very dubious and bluehost should be sued. Anyone up for a class action law suit?
Yes! This exact same thing has happened to me. Blue Host & Sitelock is a scam.
This is exactly what is happening to me......
I am experiencing this also, my gut instinct says its a scam. I think bluehost is behind it.
Just happened to me as well. Same as the video.... figured out I was talking to sitelock. She asked what I did and I told her honestly that I teach guitar. She then starts going into a bunch of techno-babble about cross-site-scripting attacks and open redirects and how if I have any HTML file on my site that those will show up as malware for sure. What she didn't know was that I was a developer for 12 years and was an IT project manager for 3 before I followed my happiness and taught music. I said, "you don't really know what any of that means do you?" she was quite for a second, I followed up with asking her, "what does HTML mean?", she stammered, I said "If what you said were true, then every website on the internet would be malware". I then let her know my background and she got very nasty. She said "well, I guess you know everything then don't you". I said "well, if I have a car problem, and I take it to a repair shop, I expect a mechanic to look at it, not the person behind the checkout counter. Do you actually have anyone there qualified to discuss a possible point of entry?". She responded, "well if I knew how to code I wouldn't be sitting here doing this job. You actually expect customer service to know how to code? Give me a break!". Needless to say, I ended the conversation there. I talked to bluehost and let them know how predatory this was and why am I being directed to sitelock when bluehost are the people I should be dealing with.
@@EnFuegoDuo wow so after fighting with bluehost for 3 days explaining thay I do not want SiteLock ever! and to unsuspend my account asap. Finally they re instate my account and allmy WordPress sites are disconnected from internet. I will be leaving them this week
I’m sure, as you are you, the ‘what do you do’ is a qualifying question to see if she can pull a fast one on you.
What’s unfortunate is that people are recommended Bluehost by others, who probably mean well and have never encountered or heard of this problem. And nobody goes searching for a topic like in this video until after there’s a problem.
@Frank Smith, are you going with A2?
@@wplearninglab yes I am going to sign up !
It's no coincidence. Now am not doubting at all they hacked my sites after they contacted me. This is a scam. Am moving my hosting from bluehost. And am blindly recommending them here in my country. Tweaaaaaa
It happened to me too. Site lock is a sham.
Wonder if they're from Israel, alot of them do the extortion bit
Bro, sitelock hacked me bad... my site had 4 subdomains. I lost everything. The time and how it went about sure looks like it was hacked. I bought sitelock and it scan my site said it was clean. haha... I have a real mess.
god damn is this frustrating. I hope Hostgator and Sitelock go out of business as soon as possible.
They've been extremely aggressive with the phone calls even after I told Hostgator to specifically not give them my phone number.
I couldn't fix the issues myself so I hired someone to do it on fiverr for $5. All done no problem. 24 hours later there are new issues and I suspect it's the same issue others had in the comments. Absolutely incredible that these companies are allowed to behave this way.
2023 and happend to me
This isn't a scam. This content creator just doesn't know how malware and malicious attacks work. I've worked for 6 major hosting companies... All scan their servers to make sure no one is hosting malware and if they do find hacked/malicious content will typically let the customer know and send a lead to a security company they are partnered with to help the customer get things fixed.
I'll be leaving Bluehost now. Thank you.
yup, they're scammers NO DOUBT!
lol happend to me as well, and getting sitelock bot traffic in my site even after i switched to aws from hostgator. Guys, use wordfence for firewall and ithemes security for audit logs, changing login url, also block xmlrpc.php (option in ithemes security) Free versions are enough.
nope not paranoid. Happened to me almost verbatim, but with HostGator. avoid bluehost, hostgator, any EIG. I smelled a fish when HostGator starting pushing sitelock last October. Sites down, Cleaned it, 3 weeks later same, cleaned it 3 weeks later same. Then as you stated, I start getting calls "hi this Josh, from Sitelock we manage the security for your website...your site been infected etc. etc." "Urrrmmm, no you don't manage the security ELSE I wouldn't be getting this call" A. B."I've never signed up with nor payed you for said services" Then came the sales pitch...FFS, really?
So now it's research time a simple "Sitelock Scam" in google was all it took.
You're not alone Amigo. And +10000 for avoiding them or any host that partners with them.
Not a plug but Siteground is not affiliated with them. Just spent the last four days moving all my clients sites over. Actually they do it for free , but won't turn it on until the files are clean. And they DO provide a list of files and the reason for the flag. Some were just crap file but some were needed so the it was a matter of removing the obfuscated PHP form each document, took days.
Anyhow thanks for the post, I was googling above to send clients who have been down proof and ran across your video.
Peace and Namaste
Below is an important screenshot.
Went through the same thing for a few days now. Been on customer chat four times today, and once 3 days ago. Then, after wits end, I decided to check my spam folder, and low and behold Google, yes, Google even flagged Sitelock as Spam. I took a screenshot of it, and cancelled my Baby/Shared package at Hostgator. In an attempt to keep me from cancelling, I was redirected to talk to Customer Support. So, I did. I took a screen and shared it with them. My account is no longer suspended, but I still cancelled it.
Screenshot:
i.postimg.cc/xjvfCC55/Screen-Shot-2019-04-01-at-10-15-01-PM-copy1.png
Thanks for sharing his information :)
It is funny that Gmail views Sitelock as spam.
@@wplearninglab Thanks. It's horrible. And none of this happened until we allowed Google to add ads. The Sitelock representative was like, "Now that you're making money, you need malware protection..."
Now that my site is making money; and how would you know that Sitelock? So, I ended up using Filezilla and deleting all of my sites, and my server files. Just going to write something from scratch and not use any adspace on the sites.
That happen me too
Wow. Ridiculous. Call the FBI.
I don't have their number handy :(
SCAM!! "it turns out that EIG owns HostGator, BlueHost, a lot of the major hosting companies that sell hosting for pennies on the dollar, they also own “Site Lock” which they give direct referrals to from servers they don’t really monitor for security. If they do find something on the off chance their part time security team comes into work sober they probably refer them back to site lock which charges you a fee to cleanup and then further “monitor” your website, etc." whackers for hackers
I think sitelock is hacking people's websites
That does seem like one possible conclusion, but finding conclusive proof is the tricky part.
I have thought that for years. I have been with bluehost for 8 years and never had a problem. Then all of a sudden site lock came along and all my sites are hacked.
Hey Frank,
I’ve heard the same thing many times. It seems to me that sort of thing should be illegal. Or maybe it is and sitelock is too small of a fish for enforcement agencies to care about it.
SiteLock, BlueHost, HostGator are all owned by they SAME company
SCAM!
oh God, i just signed up by them .lool
Hi Bashar,
Sorry for the delay. We just had our third baby and it's been a bit of a gong show around here 👶
Better un-sign up! I would steer clear of them.
@@wplearninglab thanks for your replay and a lot of kisses from me to the baby hhh
yes i canceled the contract after i saw your video ,so thanks again for your advice.
No problem Bashar, good work. You still need site security though. If you're unsure where to start check out these two tutorials:
IThemes security: th-cam.com/video/n0P3G1ZMETI/w-d-xo.html
Wordfence: th-cam.com/video/2F460uMt2JE/w-d-xo.html
I hope that helps and thanks for watching!