If my site is hacked, I would prefer a warning rather than having my site shut down. This morning, while away from my office I got a notice from my website monitor that my site was down. It was. I went on the support system and found an alert that malicious files had been found with a few examples in the root folder--I had limited time but did delete all the crap PHP files that I found. Note that these were not new files and had been there a while. I then subscribed to SiteLock, while support was offering to remove files for an hourly rate. Since I subscribed to Enterprise SiteLock I preferred to clean-up files myself. I did get a response that while I had cleaned up the root, there were others sprinkled throughout a WordPress folder, so my site was still down. The offer to cleanup at an hourly rate was repeated. I submitted a ticket response that I had subscribed to SiteLock and couldn't I remove the files myself? I got no answer. Later today once I was able to work on the problem, I tried to configure SiteLock, but the configuration requires the ability to read from my site with HTTP in order to confirm an uploaded file that is part of the configuration.