Sucuri - Is it worth it?

[Jeffin]

My wordpress blog got hacked recently. I am considering paying for Sucuri services for my blog and my xenforo forum. Has anyone here had any experience with them? Thanks.

 

[Slavik]

They wont stop you getting re-hacked if thats your aim.

 

[Jeffin]

They wont stop you getting re-hacked if thats your aim.

Yes I am aware of that.
They say they do a deep scan to check if there are any codes that hackers might have left.
On second thoughts I don't think it's worth it. I have restored all my files from an old backup.

 

[=MGN=RedEagle]

Just host with Liquid Web, they have a dedicated security team. I got hacked (rooted) by a developer of mine -_- and they migrated all 50 of my sites (about 50), covered all the extra hosting costs needed for the move and paid me 6 months hosting as an apology.

You can call them any time of day and they pick up in 1 min or less or pay you to wait. Their staff have a ton of good cleaning tools too.

Haha, you can see I just love LW

 

[Jeffin]

Thank you for the suggestion @FaithFirst. I've heard good things about LW.

I decided to give Sucuri a try and now I am glad. They have found so many malicious scripts on two of my websites and have given me detailed advice as to what should be done. They did a lot cleaning themselves. I have a feeling I had these malwares residing for a long time and were eating up my server resources. The investigation is still going on.

 

[=MGN=RedEagle]

Interesting, let us know how things go.

 

[Anthony Parsons]

I am considering paying for Sucuri services for my blog and my xenforo forum.

Sounds pretty novice to me, and an unrequited cost. A quality host and SSL your site, most of your issues are solved in those two things.

 

[Jeffin]

ServInt is my host. They are supposed to be good. They told me the hack happened due to some wordpress installations that were outdated. I don't have SSL and I completely rely on my host to do anything on my server. I just trust them when they say that my server is secure.

 

[Jeffin]

Interesting, let us know how things go.

Yes I will.

 

[Anthony Parsons]

They told me the hack happened due to some wordpress installations that were outdated.

Well... then that isn't the host, and it wouldn't matter what host you had. If you put a loophole onto a server that can be exploited, it will be exploited. ServInt are good, yes. Actually one of the best available. I have SSL on both my server and my website, which removed the ability to so readily intercept connections and tunnel into a server. I had issues before this... never had another since.

 

[Jeffin]

So an SSL can make so much difference? Wouldn't it slow down the website?

By the way, ServInt in my opinion has an awesome customer service. I've been with them for few years. It's just this hack incident that got me worried.

 

[TPerry]

It's just this hack incident that got me worried.

No matter who your provider is... if you have code that is not secure, it can be a gateway for intrusion on any hosting provider. That's why well written add-ons are important (whether on a WP blog or a forum).

 

[Anthony Parsons]

Wouldn't it slow down the website?

SSL is pretty insignificant in the scheme of things for load on a site. A single add-on can do far more load bearing than SSL to protect against interception attacks and spying eyes.

 

[turtile]

ServInt is my host. They are supposed to be good. They told me the hack happened due to some wordpress installations that were outdated. I don't have SSL and I completely rely on my host to do anything on my server. I just trust them when they say that my server is secure.

Well, usually you have to upgrade PHP/MySQL on your own unless you request it. Have you?