My Site Got Hacked – Who Should Be Fixing it?
Late last year we built a new website for a client, lets call him Bruce, and since then we’ve been doing the SEO for Bruce’s new website. The site looked great and was climbing in the rankings quite well.
Then one day we noticed a message from one of our Google tools letting us know that the site had been hacked. The hosting company quite quickly took the site down – and did not have a service to clean the site up. (This site was not hosted with us)
For the end of this story – keep reading.
So in a situation like this who is responsible for fixing it? The hosting company? The web developer? The SEO company? The client?
The shocking truth is that in 99% of cases – this is totally up to the client!
Let me explain.
Imagine for a minute that there is a home building company that also does home staging to help to sell houses.
They build you a house on rented land (odd concept but stick with me). They then proceed to do the home staging, and fix up the landscaping – making the house attractive to visitors so that they can sell it for the owner (the client).
One day a bunch of kids break in and vandalises the property. They graffiti the walls, throw around the furniture and make a bit of a mess.
Who has to pay for this or do the clean up? The land owner (hosting company)? The home builder (website developer)? The home staging company (SEO company)?
Well clearly this is up to the owner of the house (who hopefully has insurance)…
What if it was a car?
Let’s say you bought a car and you were keeping it in a rented garage. You have someone coming in regularly to clean it and keep it looking nice. One day, someone breaks into the garage and throws rubbish around inside the car – maybe damages the panels.
Who has to pay for that? The garage owner? The car cleaning company? The car yard who sold you the car?
Well clearly this is up to the owner of the car (who hopefully has insurance)…
Now to finish the story
Our first thought was to try to fix this for the Bruce as soon as possible – we were keen for this site to do well, and decided to go ahead and clean it up at our own expense of time and money. So we wrote an email to Bruce to let him know that normally it would be an extra cost, but we were going to do him a favour and get it cleaned up.
What we didn’t realise is that the Bruce seemed to think that this was part of our job, and got really, really mad that we said we would ‘do him a favour’ and fix it.
From his point of view – Bruce saw it as our job – he was so offended by the email we sent that he decided to cancel all services with us.
We went ahead and cleaned up the site anyway (we felt it was the right thing to do) – and it was put live again… but without a security package in place the chances are that it will happen again – specially with no protection or auto backups in place.
So, what we’ve learned from this is that
- It’s really important that website / business owners understand how this works –
- We need to be educating people about this issue
- EVERYONE should be adding some sort of security watchdog package to their website hosting. (yes we do have one.)
It’s a business owners worst nightmare – finding that your website that brings you new customers every day – has been hacked. Hacking can take several forms:
- Whole site hacked with content changed to some hate message (or similar)
- Malicious software injected into the site that creates new pages about viagra etc.
- Malware that attacks the computer of people who come to the site.
- and more….
So how do you know if your site is hacked?
The scary thing is – many people don’t realise for a long time. If you’re lucky, you have a pro-active host or SEO company monitoring the site for you, they’ll notice pretty quickly and let you know.
If you’re not sure if your site is safe – give us a call and we’ll check it out for you.
Better safe then sorry …