None of our clients have ever received a message of this nature, and we aim to make sure it stays that way. We do that by ensuring that your sites, all addon components, and all server applications are up to date. Plus, the sites and the servers have additional commercial security applications in place as further lines of defence against unwanted visitors.
Just because no client of ours has ever experienced this scenario doesn't mean that it doesn't happen. It does......every day! If you look at the Sucuri Security Analysis you can see for yourself how many sites do get hacked......we're talking of thousands on a daily basis. The fact of the matter is that every 4 to 5 years, a site will reach the stage where it can't take any more security patches or run on later PHP versions. The reason for this is that the application is now totally out of date and contains multiple deprecated and end of life processes that need to be totally removed from the installation. That is the point where it needs to be replaced as you can't keep papering over the cracks.....you can only go so far. Though by that time it's going to look very visually dated to users anyway, which is not a good way to present yourself to potential clients. Dormant site equals dormant business in the view of end users.
At that stage we can no longer support sites of this nature as they represent a danger not just to themselves, but to every other client on the server. We won't take risks of this nature......the wellbeing of our clients' businesses is too important to us. Unfortunately, some clients refuse to accept our recommendations. Obviously they don't consider their site security to be of any relevance, so they find a web hosting provider who doesn't consider their server and client security to be of any relevance either. Now you have the perfect storm!
This is just playing Russian Roulette......and one day you will get the loaded barrel. It's just a matter of time. And that time arrived for one former client this week when he received this mail from his current provider.
We have found that your site is potentially compromised/hacked. Our scanning systems have provided the following information regarding the issue: Malware detected. Our Team cares greatly about your site's health and well being and we recommend one of the following options which we have documented in detail for your review: Have a developer clean the site or request a site sanitization from us ($90)
Due to the nature of the problem, we need an immediate response from you. Simply respond to this email letting us know what option you are choosing. If we do not hear back, the site will be isolated and blocked to protect your site data as well as the network.
His provider can clean up the malware for $90.......but that hasn't changed the status of his site one bit. All they will do is remove the malware - his site is still in the same outdated and vulnerable position it was before it got hacked. So within a week or so it'll get hacked again resulting in another $90 cleanup bill. And this will continue ad infinitum until he replaces the installation entirely.
Unfortunately, it's not just the cost of the cleanup processes! It's the lost business, the diminished client confidence, the disruption, and the resulting stress of a trainwreck like that. And just when you think it can't get any worse you find that Google has blacklisted your site because it's found the malware on there. Be aware that websites lose about 95% of their traffic when blacklisted by Google, and getting them to reassess your site status can take some time.
It's not the first time this has happened to an ex-client and it won't be the last. There is an easier way of course - just listen to the security advisories that we give on your site status. After all, if your mechanic tells you that your brakes are about to fail........do you then carry on driving regardless, thinking it won't happen to you?
Nothing is more important than security......and there can be no compromises in this area. Seriously......just don't risk it!