Question for web developers/managers [View all]

I have a business website, with the info portion on WordPress and the shopping cart on Pinnacle (site developed 3 yrs ago).

Site was hacked a month ago, resulting in "site compromised" search results on Google. Site visits down by half, web sales down to almost zero - never were high, but now close to zero.

Site is now malware-free (tim thumb hack), but search results still showing site compromised, despite Google's assertion that once they know a site is clean, they will clean up their search results. It's been 3-4 weeks, still showing up as site compromised.

My developer is charging me about $675 for the clean up, despite the fact that neither WP nor Pinnacle had been updated. The claim is that I must have uploaded content on an unsecure Wifi connection (I didn't). This is on top of my monthly cost of $179 for hosting, e-mail, etc.

Are these charges standard in the event of a hack, i.e., cost of doing business?

I am looking for a new developer, who will undoubtedly build on another platform - he's mentioned OpenCart. I'm afraid to see what that's going to cost. By the way, site has about 30 "static" informational pages, and the store has several hundred products, and will probably remain under 500.

Any thoughts on platform?

Thanks.