1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Safeguard your web work, so clients dont rip you off

Discussion in 'Web Design' started by mpulse, Jan 8, 2012.

  1. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Ok So Im a web designer I run a company doing web design.

    Is there a way to have a fail safe way that if a customer dosent pay you. And locks you out of their hosting and FTP. The site that is made gets wiped away or can not be used. Or kill his whole server ftp?

    I say this cause in America. Lets say you leave your car at a mechanics shop. You owe the mechanic $600 and you only pay him $300. The mechanic wont give you your car back till you pay them in full. And if you don't pay he will sell your car and make whatever profit they want off it.

    Now if the situation was this way in the web world. I would be a very happy man. But its not! And some of these client are Shady as fuck!

    I once had a client that I was almost done with their site. The lady was acting like a bitch, so I decided to can the job and give her, her deposit back. Well her business partner (boyfriend) contacted me and said "if you put the site up. I will make sure you get paid, and you wont have to deal with us again"

    I did and I got fucked.. He lied and I ended up getting locked out of their server. Then getting all the gfx we did stolen along with it. And then they did a fucking charge back...

    I haven't had this problem till just recently. I had a client (a douche bag one at that) that is trying to pull the same shit.

    He did a charge-back on his CC in Nov and caused me to owe paypal $400. I took 2 of his sites down after I found out about the charge back. He did this over nothing, really. Nothing!!
    Shit was complete. Hes just trying to get more work out of me. And I dont play that game......
    And then threatens to retract his $250 deposit on that same job. And an additional $400 for another job. All paid with paypal.

    This is so fraudulent its not even funny. What a fucking scam artist.

    He locked me out of the CMS, his FTP and his hosting... I found a loophole with this asshole. That he dosent know about. And Im in the CMS and have full access to his FTP server now.

    But this may not be the case for all clients..

    So with all that said.
    WTF can I do to safe guard my shit?

    Im sure others have had similar issues.
     
    Last edited: Jan 8, 2012
  2. codo3500

    codo3500 Regular Member

    Joined:
    Dec 19, 2010
    Messages:
    335
    Likes Received:
    169
    It can be hard in these hard financial times to do this - but only do business with good people. I only do business with people that I genuinely like, and so far it's working out great for me. Accepting business off assholes was my biggest business mistake that I've ever made.
     
  3. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    I agree 100% codo!

    Now im doing that too... Made the rule for us a few weeks ago.

    Unfortunately, you may not know how shady they are till its too late sometimes :(
    You can be an excellent judge of character, but people are still greasy greedy bastards undercover...
     
    Last edited: Jan 8, 2012
  4. Dannn

    Dannn Newbie

    Joined:
    Jun 1, 2011
    Messages:
    36
    Likes Received:
    13
    Occupation:
    Executive Director - Maryland SEO Firm
    Location:
    USA
    That's a great question though mpulse.

    I wasn't able to relate ... until I experienced it first hand today actually. I run a digital marketing agency with my partner, and we designed a GPT website for a 'client'.

    The guy took our custom design and implemented (we were showing him different designs), put it into photoshop ... made a horrible modification to it, but the core was still there, removed our watermark and never responded to us (or paid us). Some clients are extremely slimy, but there really isn't much to do over it. Not big enough genuinely to take legal action over, and with businesses you try to keep it as whitehat as possible (revenge isn't worth it).

    It really blows, but shows you how important it is to know who you are dealing with before hand. I've noticed though that legitimate offline businesses we've worked with have generally been the best and online marketers/businesses are where things can start to get hazy/iffy.
     
    • Thanks Thanks x 1
  5. flaw3d

    flaw3d Regular Member

    Joined:
    Feb 10, 2011
    Messages:
    202
    Likes Received:
    39
    1.) design and show the client your work on your server. Never upload client work unless payment is made.

    2.) try to get payment in check. Not always possible but if can happen.
     
  6. TNphoneman

    TNphoneman Senior Member

    Joined:
    Dec 15, 2010
    Messages:
    1,177
    Likes Received:
    695
    The deposit always needs to be enough for you to cover costs. This way you can keep going and write off the non payment and send then a w9 so they have to pay taxes and you can deduct that amount. This is of course assuming that you are running this as a business and not under the table.
     
    • Thanks Thanks x 1
  7. joker790

    joker790 Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 9, 2008
    Messages:
    126
    Likes Received:
    173
    Occupation:
    SEO consultant
    Home Page:
    I always take 50% of the money upfront which always pays for the complete project (according to my costs). I don't transfer the site to the client's server until I receive the remainder 50%.

    =)
     
    • Thanks Thanks x 1
  8. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Correct, in my case its a corp. But this guy also paid and then charged it back to his bank. Through paypal.
    in other words, it was a credit card transaction made through paypal. then 2 months later he charges it back. Then demands more work us.

    So in essence his project was done and paid for till he charged it back to his bank. And paypal will not cover or be part of their"seller protection" if its a service of any kind.
    So this went on for a few months till I finally lost the dispute. After sending numerous receipts and emails from him saying things were complete. And proving this was not just a fraudulent random charge on his credit card.

    Ill look into the W9 charge off thanks for the tip ;)
     
  9. iiaok

    iiaok Regular Member

    Joined:
    Apr 8, 2010
    Messages:
    394
    Likes Received:
    184
    Occupation:
    Pro Apple Bobber
    Location:
    Pinterested.
    Maybe try this, especially for the first experience with a new client...keep the images and even the css info hosted on your own account.

    If they screw you over, rename the files or take them down. Will the site still be there? Sure. But it will look amazingly awful.

    After they pay and you both are happy, move everything over to their account.
     
    • Thanks Thanks x 3
  10. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40

    Wow what a coincidence!
    Sorry to hear a fellow webdude gettin screwed. My condolences brother!

    Yeah mine is brick and mortar too. Its rough these days as a designer of any kind.. Intellectual property is hard hell to prove when stolen.. The people you deal with sometimes are just sketchy as hell sometimes.
    I had a client the other day that was basically trying to run an advertising scam on people (at least my take on what he was trying to do). Then only wanted to pay $99 for a basic home page package... But expect a banner system with logic built into it. Basically a custom job. All for $99 Get real.

    I rarley get these sort of situations. But its always good for next time. To have a battleplan prepared for just such an emergency.

    In this case, this guy will end up loosing out not me.
    He didnt pay, or may I say completely pay for his project. So his sites are all not operational. My last encounter with this situation.. I ended up loosing. If he were to pay me (with a non-reversable method) I would out of ethics put everything back the way it was. Would I want to no. But thats the kind of business I run.
     
  11. mark27

    mark27 Regular Member

    Joined:
    Dec 19, 2011
    Messages:
    224
    Likes Received:
    105
    Edit: I might've gone a bit too far here but to sumarize, try to avoid working with a$$holes and if you have to, watch your back.
     
    • Thanks Thanks x 1
  12. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40

    The way we work

    We get 50% deposit
    We keep all projects on a production server.
    Then they pay and that night we move it over to their server.

    Unless they seem like a good client. Then we will before final payment. And that's alright. Cause they would be a cool customer.

    Its when clients get their stuff, then takes back their money and LOCKS YOU THE FUCK OUT. :eek: Then threatens you to do more shit or they will charge back more from other projects. kinda shit lol
     
  13. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    Take him to court for fraud.
     
    • Thanks Thanks x 1
  14. TNphoneman

    TNphoneman Senior Member

    Joined:
    Dec 15, 2010
    Messages:
    1,177
    Likes Received:
    695
    This is also a good lesson for you, if they pay via PayPal then ALWAYS refund via PayPal so that there is nothing to dispute. Use the refund button. I had one that wanted a refund to a different paypal account and I said no and refunded the original payment.
     
  15. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    I was thinking that.......
     
  16. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Great point!

    But with what happened here, is it was all out of the blue.

    It wasnt like a fight or anything happened between us. Nothing of the sort. Everything was peachy freakin keen, till he just up and charged it back. So it never even gave me the opportunity to even give him a refund. Yet talk about anything
     
  17. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Does anybody think its wrong that he paid us SOME money not all the money, so we disabled his websites?
     
  18. Zapdos

    Zapdos Power Member

    Joined:
    Oct 22, 2011
    Messages:
    597
    Likes Received:
    708
    Location:
    Eastern North Carolina
    Haven't bothered reading previous posts since it'll probably be nearly all theory and saying sue them... Practical advice:

    1) If you live in the U.S. and you deal with English speaking clients then you should ONLY accept cashiers checks, bank transfers or other similar non-reversible payment types. If you use paypal then you're just asking to be scammed. The only possible good thing is paypal doesnt 'support' digital goods/services; if they try to do a chargeback via paypal then just ignore them and don't respond. It'll escalate to a paypal mediator and they'll tell the person the same thing.

    2) Always make the website on your own server. If they need/want access, give them limited access to the admin panel only. No FTP, no MySQL, no cPanel.

    3) Before giving them access to a milestone update, encrypt critical files with IonCube with a lock to your domain.
    3.1) You can also put in a 'css destruction' technique which nukes all the sites css files. I did this once for a client who was sketchy and it worked wonders.
    Note: You MUST have something in the contract letting them know of this! You cannot just nuke a site as the court would likely rule in their favor as destruction of property. You should also make note that until final payment is received, everything on the website including the design is owned by you. If payment is never finished, you're allowed to resell, reuse or do whatever you want with all of it.

    4) Give them the site with full access, but host the css file on your server/a cdn. Most people won't notice that its not on theirs. If they reverse payment or don't pay, just take the css file down and then their site is practically useless.

    5) If you're good at SEO, consider making a website for them/their company with 'companyNamearescammers.com.' Put up all the info you have and SEO the hell out of it. Get it above their own domain. Combine this with anything/everything before this and you'll effectively kill whatever they're doing.




    Just always be sure you're legal. If you're not, you can get the government on your ass for fraud, copyright infringement, hacking etc.
     
    • Thanks Thanks x 1
  19. kigguhholic

    kigguhholic Newbie

    Joined:
    Jan 9, 2012
    Messages:
    47
    Likes Received:
    16
    I've had this problem before. And this is the best way to get rid of the problem:

    Well first, place these files in your private server, not the client's server: .js, .css, .png, .jpg, other image files
    So now change the coding that will be placed on the client's server to have these files routed from your server so if you delete or rename these files from your server, he no longer has access to these files.

    If you want to take it a bit further: I'm assuming you know server-side programming.
    You can either do:
    1)Separate the contents of the website into smaller files and store them in your server and use include or require functions to recall those files from your server.

    2)Place contents of the website into a database from your private server and code so that it'll read accordingly
     
  20. meatro

    meatro BANNED BANNED

    Joined:
    Nov 21, 2009
    Messages:
    568
    Likes Received:
    997
    First of all, don't ever put the site on their server until they've paid in full. If they're trying to rip you off, they're not going to pay, period. If they're legit, they will pay you. It sucks, but us designers are a favorite target of shitty business people.

    Second, going to court is going to be useless unless it's a large contract. You're going to spend way more time and money trying to get your payment than the payment itself is worth, so make sure your ducks are in a row BEFORE it gets to this point.

    Third, make sure your contract is airtight and leans heavily in your favor. Do this to avoid that dick client with the "one last thing" personality. They'll 5-10 minutes you to bankruptcy if you let them. Nothing shady business people like more than free work.

    I really like the idea of hosting their CSS files on your server. I've hosted entire fucking databases from my server and when it came down to it, I removed that database. (You can go snag a CSS file if you're somewhat savvy, you're not snagging a SQL database with Joe Schmoe knowledge.)

    If it's a static HTML website, I don't show them ANYTHING. It's not on my server, it's not on theirs, they don't get the PSD. They get HEAVILY watermarked JPG files. Knock yourself out cleaning that thing up, it says my name and URL in huge letters diagonally throughout the entire image and if they even tried, they'd have to resize it and pixellate it to high hell.

    Always charge more than 50% deposit, don't give them any advantage. Again, legit businesses aren't going to have an issue with 75% or even more, simply explain the realistic efforts and expenses that go into creating a good website. I won't even listen to what you have to say for 50%... I will listen to you walking the other way to go get the rest and that's it.

    BURY it in your contract that you're permitted to access their entire hosting account. While you're in there, make your own accounts (FTP, SQL, CPanel, etc) and if they ask, just tell them you didn't want to disrupt their session if they connected FTP. That way, if they jerk you and change their passwords.. Try to get into your accounts to recover your shit. 90% of the time FTP and CPanel will work, 100% of the time they're not going to notice you made a SQL account with 100% permissions to their database. ;)

    Back it up and drop the tables. Then sit back and wait for the inevitable phone call... Yeah.. I have your database. You want it?

    I've had to go through this a lot being in design for so long and the best advices I can give you are there..

    1. Don't deliver without the cash. Tell them you don't take CC. You take cashiers checks, money orders and other secure methods.
    2. Your contract should be almost entirely in your favor, except for the part where if you don't do your job you don't get paid of course.
    3. Do not put the site on anything that they control, server, archive, nothing, until they've paid. People are crafty and it's not hard to pretend not to know how to rip a site.
    4. 50% deposit is not enough.
    5. Ensure that you have access to their site, FTP, CPanel, SQL.. DO NOT TOUCH THEIR EMAIL! THIS IS A FEDERAL OFFENSE!!
     
    • Thanks Thanks x 1