Does anyone here use Sitelock? If so I'd love to hear your experiences with them.
First let me say that there seems to be a growing number of web hosts that have just completely given up on even basic security and sends everyone over to Sitelock to pay for their services. Go Daddy, Network Solutions, Hostgator are the ones that I've seen lately. They don't even try anymore. If you have a security issue ON THEIR SERVERS, there is no tech support it's just "Get Sitelock" here's the number.
In my experience it's a nightmare. Never have I seen so many issues as with the few clients that I have who have Sitelock.
Seems like every other day it's reporting malware and threatening to remove their sites if it's not taken care of immediately. Here's the thing though:
The malware reports are always vague, and don't give any indication or direction of what they found and where.
Also, they offer like 70 different types of services and you have to upgrade a few tiers to get the service that supposedly scans and repairs.
But even then, some other malware seems to mysteriously pop up that requires you to get the full "Maintenance package".
I've talked to these people many times and each time I ask "Where is this malware that you say exists?" I never get a straight answer, just directed to press the "Fix" button ( Seriously? Why is that even there? Just fix it!) that doesn't seem to do anything, or an offer to upgrade for the REAL scan and repair service.
Yesterday I asked a Sitelock tech about the constant alerts and asked does ( the host) provide any kind of server security at all. His answer was "Yes they have security for themselves. Not for you". (Seriously? WTF? )
The few times I was able to actually see a bad file, they were really simple. Not malicious enough to do any harm, just enough to give off a bad reading.
Furthermore, the placement of these "bad files" are not in the usual places. I deal with a lot of hacked or infected websites and have seen some bad ones over the years. This is not that. It's single files in closed permission folders inside the WordPress core.
In 10 years I have NEVER seen an infection inside the WordPress core files. Especially not a single file just sitting at the bottom of a folder and nothing else. Almost perfectly scripted just like their own promotional material that says what bad files look like. And this is ONLY happening on Sitelock websites. Of the 50 or so other WordPress installations (many with very heavy traffic) that I work on, have access to, or monitor across various hosts...I don't get anything like this.
This is even happening on new WordPress installations with no themes, additional files or plug ins. Bare bones. I KNOW for a fact that WordPress isn't that weak and vulnerable.
With one client in particular, I am positive that their low traffic website is not being hacked every other day and just one file is being placed on the installation. No hosting is that weak.
I don't know what's going on with these people, but something is NOT right.
Anyone else have any experience with them?