Let’s Start with a Video. The Sucuri Tour.
Some Backstory on My Websites Being Hacked
First thing I normally do in the morning is check on my various websites. Out of some level of vanity, I like to type in their specific keywords and see how they rank in Google. Well, this particular morning, that is exactly what I did…and nearly did a triple-take at the small, underlined text just below the name of my website. It read: “This site my be compromised.”
What the –?
When you discover you’ve been hacked, many emotions filter through you: denial, outrage, resignation, and so on. Needless to say, I spent the rest of the day in a fog, doing endless research, trying to find out what to do. Of course, it became an obsession, to the point where I neglected focusing on other important aspects of my business, like doing time sensitive estimates, invoices, and business planning.
Well, looking back, it was only a matter of time. Hacking is so common. Plus, I’d neglected to keep WordPress updated, and all of my website forms had no captchas assigned (let he who is without sin cast the first stone, folks). And according to customer service at my hosting provider, I would need to go through every individual file on my server. Not so much. I set out to find effective malware scan plugins for my WordPress sites.
Hence, Sucuri Security.
This is when I stumbled upon Sucuri.net. To be honest, I’d never heard of people being able to removed malware for you. Say what? I gave their free scanner a try, and it turned up very detailed results about the malware infecting my site, as well as their locations on my server. Sucuri promised to have it removed in about 4 hours, and to monitor my website every 4 hours for me. It would easily have taken me weeks to remove it on my own, and even then I wouldn’t have had peace of mind because the malware could easily come back. Just to do my due diligence, I did some additional research and found some quality reviews, and within an hour, had decided to go with Sucuri. I almost cried real tears of relief that morning, trembling cup of tea in hand. After signing up, I lay down to take a nap, having slept very little the night before, trying to figure out what to do.
When I woke up 2.5-3 hours later, I had a couple emails in my inbox informing me that they had not only removed the malware from both of my sites, but they had also “hardened” some weak areas as well. I was amazed. For the specifics of the various ways they “harden” your site (including through the use of their WordPress plugin), they discuss it in detail on their site.
Their pricing is extremely reasonable, considering the services they offer. At present, they have three tiers: they will monitor 1 website for $89.99/year, 2-5 websites for $189..99/year, and 6-10 websites for $289.99/year. Beyond that, they have custom plans that they can make fit to whatever amount of websites you have. Now, here’s the important part to understand: once you pay for the year, they will service your website as many times necessary for that one year. This is crucial, folks. I signed up for the service in order to have my site cleaned, but considered it a bonus that they would fix it again if it got infected a month later. Shoot, if it gets infected on a monthly basis (which is highly unlikely), they will clean it up, month after month. Sweet.
Just for kicks, I scanned other website security sites for comparison and was shocked at their steep prices, especially since some of them didn’t even include clean up services. What the heck? I saw some as pricey as $1000.00 a year, and offered the assurance that they would monitor your site, give you a pretty seal, and offer you suggestions if you website got hacked. Suggestions? Let me tell you, when my site was hacked, I wasn’t looking for suggestions, I was looking for immediate solutions, dagnabbit. Suggestions, puh. Okay, I’m done ranting.
Not only that, but they monitor my site for me, 24 hours a day, 7 days a week. And if my websites get infected again, they will fix it again…and again. And again. And it’s at no additional charge once I signed up for the service. As I mentioned, it takes them only 4 hours to fix a website on average. For me, it was less.
Once you sign up and log in, below is the Sucuri dashboard:
Sucuri will monitor your website at 3, 4, 6, 12, and 24 hour intervals. Check it out:
In the event that they find malware on your website, they have a handful of ways to alert you: through sms text message alerts, email, Twitter, Instant Message (IM) Alerts, and RSS alerts. Here are they are from the dashboard view, when you’re logged in.
Let’s say you Sucuri sends you a notification in one of the above ways, alerting you to the fact that malware has indeed infected you website again. Sucuri will remove it for you, but you must submit a “Malware Removal Request,” as seen below. Some people see it as a negative that Sucuri doesn’t jump the gun and remove it for you, but I personally like the fact that they won’t act without my explicit consent.
So In Conclusion…
There’s nothing worse than finding out that your website’s been hacked. And there’s no telling the full extent of what the hacker has done, because they are very, very intelligent. Some simply want to vandalize your website with unwanted porn/viagra links in the code, while others store your info. They can do virtually anything, including creating “back doors” to your website via your server, so that even once you’ve deleted infected files “A” and “B”, they can easily reinfect your website.
It is for this very reason that I would recommend Sucuri. They remove the malware and strengthen your site, and eliminate the things you would not normally find on your own, including those back doors. In addition, they offer quite a few educational resources on their site, seeking to educate us about the different threats out there.
So in a nutshell, I would recommend Sucuri, especially for the small business owner or web designer. There you have it.Visit Sucuri.net