I'm not sure how much traffic you have, and maybe others will disagree. I wonder what others think about a $179/mo plan vs a $12/mo plan. If you have less than 10,000 hits per month it seems high to me.

Have you communicated your concerns with your developer, prior to dropping him? $675 seems fair if your developer needs to spend 15+ hours on the cleanup. But I would expect the developer to communicate with you in a more professional manner. If that's not happening then get someone who will. If that's possible... I don't know any developers who communicate well, personally.

I don't know how to get the Google issue fixed, or anything about tim thumb. I hope the Google issue has been fixed, that's horrible.

If you're paying that to your developer they've got quite a markup. Maybe that includes maintenance or troubleshooting?

OTOH, the $675 to put your site on a new platform sounds reasonable to me. But unless your developer can explain to you why you got hacked and what safeguards they are putting into place, it seems kind of useless. Also, if you tell them that you didn't upload on an unsecure wifi, and they are still trying to blame you, that does not sound good.

I'm not a big fan of open cart, they charge or their service and are not very flexible. How much work are you doing yourself on the site? do you work with the CMS? I usually set up static pages and shopping carts through the same platform, and let the shop owner add the products to the back end. If a developer sets up a site for you and you hire an assistant to manage the products you'd probably do better than having the developer do the whole thing, unless of course, you just want it done with as little activity on your part as possible.

To set up a new site, probably $1500 to 2500 depending on a lot of variables.

i would like to suggest you generate a new webmaster code and sitemap for your site. Submit a code into the website and sitemap.xml into Google Webmaster. You need to verify your site also on Google Webmaster once the code get installed

my wordpress blog was also once hacked... I checked my logs and what I see on daily basis that some script kiddies are trying to find every possible hole in my system by guessing, (like checking for online viewable passwd files.. trying to upload stuff) unformtunately some plugins are not secure and they are not updated so they might be a security risk - one plugin was insecure and someone uploaded a php virus to my blog and they changed the front page for googlebot only to display viagra stuff, for normal users the page was clean. the purpose for this was to get some backlinks.


at first I didnt know what to do, but then I did the following:
- check if all of your php files have a web only group. (not root!)
- chmod 777 or 775 only for files you really are sure they are secure and need the rights.
- you could write a script which works in the background and deletes files which are uploaded by the hackers.
- install "anti virus" plugin so it can check if some of your files on your blog are infected.