Your voice has a chance to be heard now! scamion.com - we bring changes together.

report scam

WebTechs.Net


Country United States
State Arizona
City Scottsdale
Address 5900 N. Granite Reef Rd.Suite 105
Phone 480-348-0550
Website http://www.webtechs.net/

WebTechs.Net Reviews

  • Aug 2, 2017

I am a professional web developer that works at a very large agency, I am writing this as a friend asked me to help as a consultant to evaluate if they were being ripped off. In my 10 years in this industry I have never seen a company as abusive and damaging as webtechs.net below is a long account of what happened.

Tuesday, December 27th 2016

After talking to the company who had hired me to consult them via email I was told that their website had malware and Contact Form issues. The current web company (webtechs.net ) could not fix either of these issues. I advised my contact myself and another developer could fix these issues relatively easily and handle stuff like this often.

Tuesday 6:30pm -Webtechs would not send login credentials so I forced my way into the site via FTP by creating a back door.

Tuesday 8:30pm - I noticed code showing at the top of the site that was visible to users which looked like an issue, this was easy to fix by disabling a plugin modified by webtechs. I looked throughout the entire server and found no traces of malware.

Tuesday 10:00pm - My contact reached out to me letting me know the code is appearing again. This led me to believe their may actually be malware on the site. I attempted to login to the account I created but was locked out. My contact told me she received an email from Webtech's saying the site would be pulled off Google if I continued to make changes.

Tuesday 10:30pm - At this point something seemed fishy so I created a script to break back into the WordPress's front end. This time the account I created had complete access and could not be deleted by Webtechs. I noticed that all the work I did to fix the code showing on the site was undone, I reverted back my changes again and took a look at the contact forms my client said was not working to figure out why they were not sending.

Tuesday 11:00pm - After several tests on the contact forms I could not figure out any reason they would not be working, after digging deeper into the issue I noticed the recipient of the contact forms were changed so that all submissions that should have went to my clients email went to "[email protected]" .

( Skip to bottom for short sumary )

Wednesday December 28th 2016

Wednesday 11:30am- I had a conversation with my contact to advise her about what we discovered and we believed that Webtechs.net was making it seem that they had malware to force my client to pay for a new website. We had a call scheduled with Webtechs for 12:30 and agreed we would not confront them about any of this until hearing what they say.

Wednesday 12:15pm -Before the scheduled call with Webtechs.net I attempted to login to the WordPress with the account I created before getting on the call. We got the below error immediately when trying to login.

" /wp-admin/includes/dashboard.php) [function.require-once]: failed to open "

This prevented me from logging in. I quickly realize that Webtech's could not delete our newly created Super Admin account so instead they broke WordPress's dashboard file required to login to prevent anyone from logging in. i quickly went to login to the server after this to remedy the situation but were alerted with "Incorrect Passsword" prompts which meant Webtech's not only had access to the server but changed the server password between Tuesday, Dec 27th 11:50pm - Wednesday, Dec 28th 12:15pm.

Wednesday 12:30pm ( Call with Steve Webtechs.net ) - We had a conference call between Myself my contact and Steve at Webtechs. The Webtech's representative started by telling us that the change we made last night caused google to take Pearlmedspa off the search engine and that he immediately called Google late last night to have the site listed again.

After asking him what was going on with the site he told us my contacts site had very bad malware and that the malware broke the dashboard and changed a bunch of passwords. He went on to say that the only viable option was for a redesign of the site or re-code all of the theme. We asked several times about why the contact forms may not be working but he only replied with general things such as the site being outdated and having malware.

( Its important to note that NO ONE can call Google and request a site to be added and Google never removes a website like he claimed. Also that he had an opportunity to alert us to the fact that Contact Forms were changed to direct to [email protected] but did not )

Wednesday 6:45pm - After a LOT of cordination with my contact we collaborated and took over the server completely from Webtechs. After logging into the server we were able to check logs for the last user logged in and found that it was an IP address of (67.129.154.189) this IP was tracked down to a Century Link account with the

Hostname: 67-129-154-189.dia.static.webtechs.net located in Scottsdale Arizona at 2016-12-28 09:06:15 -0600 .

( This lines up perfectly with the dashboard breaking where Webtech's claimed it was malware the caused the lockout and dashboard breaking )

After securing the server we blocked this IP address completely from the site and server. We then discovered the cause for the dashboard crashing was a modified core file that was changed at 09:13:45 from "Dashboard.php" to "Dashboard-bp.php" this is a very common way for web developers to disable files so that they can easily re-enable later by changing the name back. We discovered today that Webtechs has a "Brett Polach" employed with them which would explain the "-bp" ending.

Thursday 8:15pm - After my contact called web techs to let them know that they were fired we checked activity logs to see a failed login attempt to the WordPress account " webtechs" at 20:37:55 from the IP address (174.238.2.115) which is located in Mesa from a Verizon account.

40 Days after this all happened- - Webtechs gained access to the Google search console account and they still had a password to and delisted all URL's to my contacts site, this greatly effected traffic and business. We were only alerted to this issue 3 weeks after it happened as its not something that is common and can only be done via googles search console.

Write a Review about WebTechs.Net