Complete bate and switch and outright lie but this time i copy and pasted the ACTUAL conversation via sitelock.com online chat. no opinions just COPY / CUT / PASTE it speaks for itself. You decide.
me: hi travis sorry
i left the page on accident my apologies
Travis: No problem. Can I get your contact information in case that happens and you are unable to re-connect?
Travis: Great, thanks.
555-78-vainn ext. 707
Travis: So you are looking to try and prevent these issues going forward.
me: yes and i was to protect againt sql injections as well with a report regularly
Travis: OK, how was the site built. Is this custom coded?
me: i do not want to worry if my websites security is ok
Travis: Is this the only website on the Dedicated Server?
me: its all a script
Travis: How many websites do you have on the server?
me: active or inactive?
Travis: Total just on the server whether inactive or active. The reason that I ask is because if one of the other sites is hacked and they are able to get into the server it is very easy for a hacker to get into all the sites. We usually recommend separating your important sites from a security standpoint.
Travis: OK, and as for this site it looks like a site to download and upload music for registered users, correct?
Travis: OK, well the hard part about a site like this is hackers can register, upload a media file and have it executed as a text file. So there is nothing that you can do to essentially ensure that this site is 100% un-hackable.
Travis: We can however implement a scanner on the site to monitor it on a regular basis and shoot you an alert if we are able to find malicious content on the site.
me: ok yes some security is better then no security
Travis: The other piece that we offer is a maintenance plan. This basically give you unlimited access to our engineers for the year to perform cleans and hack removals as needed. Do you already have a security department that is going to be cleaning the site for you if found infected?
me: and awareness is better the ignorance so yes no we dont
Travis: Exactly, that is what we try to explain to customers with websites. No one is 100% unhackable as even Sony and the CIA were hacked last year. It is how you respond to hacks and the security that matters.
me: potentially this will protect us from getting blacklisted even if we do get malware correct
provided you catch it as fast as it seems right?
Travis: Yes, we are able to warn you of most issues before Google does so they can be resolved before the site is blacklisted.
How many site users do you currently have?
me: this is exactly what i needed almost designed for what i do
will you put a sitelock seal on my website?
Travis: Yes, we can apply the seal to the site for you with the maintenance plan. For a site like this were you are looking to grow your users it is going to be a lot larger than our standard scanners. We have custom scanners that will support "member" sites like this however. I would recommend the Custom Scanner with the Maintenance plan. This will give you the monitoring plus the use of our engineers should the site get hacked.
me: ok how much?
Travis: The scanner for the year is $2,000 and the Maintenance Plan is $3,000, however when purchased together they are discounted to $4200 for both for the year. This will give us the ability to scan the site daily as well as clean up any malware or hacks as they arise with cpanel access.
We like to focus on small and medium sized business as most Corporations use McAfee for their name but end up spending $5k - $10k for the same security.
me: not in our budget
Travis: How were you able to clean up the last hack? Did you have to start totally from scratch?
me: is there a monthly breakdown or is that a one lump sum amount
yes we did
Travis: Yeah that is a one time payment with the discount. Do you guys have a security budget created with a business model that is online?
me: we have people that are qualified to do this but we want them to focus on other things
i was hoping one of the packages you promoted on your website would have worked for us but it does seem to be the case.
any other suggestions?
Travis: Ah OK. Well then maybe we should implement the scanner that can monitor the site for them that way it will free up time for them and the should an issue arise they can fix it for the company.
Travis: The customer scanner for where the site is at right now would be $1800.
me: and what type of scans
one time only?
Travis: No that would be daily scans for the year but yes a one time payment. The custom scans are more in depth and meant more for a website on a dedicated server. I want to check to see if I can get you a discounted rate on that though.
me: i dont think we are going to work out
you gys promote monthly services and sell one time services
i am confused
Travis: Well you have a large site that you allow customers to upload and download material from. The scanners you see online are for Basic websites. The Premium and Enterprise scanners are for WordPress, Joomla, Drupal, etc sites.
Your site is custom coded and on a different security level. Unfortunately most companies do not buget for online security and end up with none and their sites are repeatedly hacked and they spend all their time fixing and re-building them.
me: ok i understand your right
Travis: With a site that is letting users upload and download files it has a huge security risk so it is not a simple fix type of a site.
It reuires a lot of time to fix issues and a lot of scanner to fully check the stie for threats, vulnerabilities and malware.
me: just looks like bait and swith from my end think about it how many poeple need to budget foe online security and NOT have custom code.
so atlease explain what you just said on the website
sets the expectation wrong is all i am saying my friend
i dont even see an option for "custom" code
Travis: Sure, well most customers with a site that is larger understand that a simple scanner is not going to work for their site. Just as a WordPress user sees that the Basic Scanner is going to be too small most larger companies that are serious about security understand the needs for certain types of security.
me: so your telling me the options that need vs the ones you offer will not work at all for my website? a scan?
up to 500 pages? i have less then that
big site sure but no where does it say size of site
Travis: No we offer all types of scanners based on site size so we definitely can find one that is what the site needs but you said that it is not in your budget.
me: only refers to number of pages correct
Travis: So your security budget for an online business with customer having the ability to upload and download files is a few hundred dollars and you were thinking that this would cover the entire site for you?
me: lol no what i am saying is what you advertise on your website vs what you are telling me conflict
i know i have less then 500 pages on my site right?
thats and even the other package
i want a scan
no where on your website does it mention custom packages or any other measurement
only # of pages
Travis: Ah, OK. Well I would not know how many pages are on your site as I have not individually counted them. The pages refer to page URL's. So every picture, link, etc that the scanner can click on is a new page for the scanner to scan. This way if you are linking to another website or page that is infected we can warn you.
me: but you tell me because i have "different" type of website.... I have to pay more correct? Do no understand correctly?
Travis: So some companies will link to say abc.com and if that site is blacklisted then you would not want to be linking to them and affecting your reputation.
so a page you define as any url or hyperlink?