6Scan Security provides comprehensive enterprise-grade security with frequent site scans, powerful firewall, automatic backup, web analytics and much
Installed, site went bye bye, had to remove the plugin and a bunch of code added to the htaccess file by the plugin to get the site back online. 6scan server is still pinging our domain looking for the files that have been removed. 1 star only because there is no zero.
This software just warned me that I needed to correct a critical security flaw on a site that hasn't even been running WordPress or 6Scan for over three months.
Asked me to pay $9.99 to fix the error.
Some said this plugin is bad. Well, I thought it is not as bad as they said, so I decided to give it a chance.
After the plugin installed, there is a menu item called 6Scan on the left menu. And 2 sub menu items: Dashboard and Support.
I clicked the Support, it said "For any questions, please visit our support community." Besides the link provided, there we also can submit comments to them. Great, it means they do provide supports.
Next, I clicked the Dashboard. It ask me to provide my email address and password. What password? I never registered 6Scan. There is the text that appears on the form:
Your email and site URL will be sent to 6Scan to initiate your security scan.
Alright, I typed random things on both fields. And clicked the big orange button "Scan Now". Guess what. I can pass it without having the password.
It's still not working, I mean scanning anything. There are some fields need to be filled on the dashboard:
- FTP Username
- FTP Password
- Connection Type (FTP or FTPS)
I don't trust them. So I simply uninstalled it.
They maybe are serious, want to run a honest business. But after some minutes of my testing, I found nothing useful. There are plenty of great security plugins on WordPress.org, they're free and some provide extra supports with a fee. This one I'm not impressed, it ask too many things.
Told me I needed to fix a file because using WP 3.3.1. Not using 3.3.1, have the latest 3.5.1 installed.
I use WordPress for several of my websites. It is extremely functional and it makes really good websites. One major problem with WordPress is if they are even slightly out of date... they can easily be hacked.
So to get around this I use many different functions and features and plugins. One of the plugins I tried was 6Scan ( http://6scan.com/ ) . They looked like they had good software and I thought I would try it out.
Turns out what I paid for was useless so I contacted them through their "Contact Us" link and informed them to please stop my subscription (as there was nothing under my accounts setting on their website that allowed me to cancel the subscription). So anyways I emailed them and asked them not to bill me again as I did not want to use their service.
That was three months ago. Every month since then I have been billed, and every month I have contacted them and begged/pleaded/threatened them not to bill my account again.
They absolutely flat out refuse to even knowledge your communication or stop the billing. The end result is they spend months stealing your money while you fight with a useless bank to stop the deductions.
So this is a warning to all people who might want to use 6Scan for their website security... DONT! They are a scam! They will steal your money. You have been warned.
Simple as that, you get "security problems" as those virus/spyware that infect windows computers and ask users to buy the fake antivirus software.
Too bad I don't remember the site of the moron that recommended this, testing his security would be interesting.
The software did its thing, then announced to me that I had vulnerabilities. I could have them fixed for a price. This is where I draw the line.
I have no problem paying for services, if I decide I want them and I'm aware of the price. I object to "free" software that hooks you into trying it, only to let you know *afterwards* that you've got to pay. That's called "Bait and Switch," and is dishonest.
I feel that if a product is worthwhile, Bait and Switch is unnecessary. If it *isn't* worthwhile, Bait and Switch is immoral. I would think that there aren't many people who like being fooled, and that Bait and Switch probably isn't an effective marketing technique.
I removed the software. They need to try a different approach. Unfortunately, I'm not likely to try this company's products again, considering this unpleasant experience.
I deactivated the plugin and a few days later I got an unsolicited email from firstname.lastname@example.org with the subject "6Scan cannot contact your plugin at http://mydomain.com". I was shocked and upset that they had forcibly taken my email address from my WP Database without my permission.
This Clearly violates the WordPress Plugin Repository Plugin Guidelines:
No unauthorized collection of user data. For example, sending the admin's email address back to your own servers without permission of the user is not allowed; but asking the user for an email address and collecting if they choose to submit it is fine. All actions taken in this respect MUST be of the user's doing, not automatically done by the plugin.
This I am writing this to warn all prospective users about this immoral (if not illegal) abuse of private information and also in the hopes that I get the attention of the developers of this plugin so that they may change their tactics.
You must log in to submit a review. You can also log in or register using the form near the top of this page.