As we have noted in the past, the GoDaddy owned security provider Sucuri keeps writing blog posts about what has happened to their customers’ websites after they have been hacked. They seem uninterested in how those websites were hacked, despite the importance of figuring that out as part of properly cleaning up a website. And, more importantly, they are uninterested in that despite being a service that is supposed to protect websites from being hacked. At best, these are new customers, but they don’t mention that, which would seem like an obvious thing to mention when you are a service that is supposed to avoid that situation. If you look at reviews of Sucuri, there are plenty of customers mentioning they were hacked despite already using the service (some of them with a positive view of the company, despite that).

You would reasonably think that journalists writing stories that cite those posts would be in the context of raising questions about Sucuri, but they don’t. In a recent instance, the WordPress Plugin Directory was being criticized instead. [Read more]