Hacked Site Repair
Malware removal and site repair

It is every website owner's worst nightmare but do not panic, we are here to help.

Below you will find details on:

1. How you can avoid your site being compromised in the first place.

2. What we can do to help

3. Costs in time and money

4. Legal responsibilities

page not found

Prevention Is Better Than Cure

We have been accused in the past of nagging our clients a little about website security. The biggest complaint we hear is the extra time or cost it takes to keep things secure, trust us it is nothing compared to the time and money that will be wasted should your site get hacked.

Most web hosts provide excellent server security, here at 3001Web we use some of the best server based security available, but here is what it cannot protect against:

  1. Badly coded or insecure free plugins for WordPress
  2. Outdated plugins or themes
  3. Weak passwords created by you or your customers
  4. Excellent hackers who find new WordPress vulnerabilities

 

There are several things you can do to help prevent your site being hacked.

  1. Make sure your plugins, themes, and WordPress core are all kept up to date at all times. If you are on one of our managed hosting plans, we will take care of that for you, and we check DAILY for updates. If you are not one of our clients, come join us, we will even move your site for you.
  2. Sometimes developers stop updating free plugins or themes, this is referred to as the plugin or theme being “abandoned”. These need to be replaced immediately, plugins and themes can get insecure very quickly if they are not updated regularly by the authors. To avoid this where possible, we recommend you use only premium themes or plugins. We inform our hosting clients if this happens. If you are not hosted with us, you will need to constantly check your plugins are still being actively developed.
  3. Set your site not to accept weak passwords for administrators or your clients if they have the ability to log in to your site. There are WordPress plugins that can enforce this. If you are a 3001Web client, pop in a support ticket, and we will add this to your site for you.
  4. (Highly recommended) enforce 2fa for all logins to your site. This is one of the most effective defences to prevent login breaches, it adds all of 5 seconds to your login time.
  5. Make sure your site has a firewall and brut force login protection at site level to add an extra layer of security on top of your server security. If you are on one of our managed hosting accounts, we will have added this for you.

How we can help if your site is hacked. (3001Web Clients)

Step 1

If our server software picks up an infection on your site, it will try to mitigate that quickly by quarantining or removing the infected files. We will then need to a deep scan of your site just to check that the automated scans did not miss anything. We will inform you if this happens to your site. (see pricing below)

If the infection was not detected by our server scanners, and you think your site has been hacked, you should let us know immediately.

The first thing we will need to do is to turn off your site and email to prevent any malicious code affecting your visitors or our servers' reputation. Your site will not be turned back on until it is clean, under any circumstances.

We will then need to perform a deep scan of your website to find the infected files and details of the infection. Please be aware that for larger sites this can take several hours.

Step 2

We will then communicate with you to find out if restoring a previous, uninfected backup is an option. For information only websites, this is often the fastest way to fix the issue, but may result in you losing any changes to your sites' data after the date of the backup we restore. If we do use this method, we will then spend time reviewing your site's security and may insist you take certain actions.

Step 3

If the infection is file based malware, and restoring a backup is not an option because you would lose data like orders or leads, we will clean, remove or repair any infected files manually using our malware removal service. Bear in mind, a medium-sized WordPress site can have 10,000–50,000 files. This can take a while to complete.

Step 4

We will review your sites' security at the site level and may insist you put things like 2fa in place, replace any security plugins you have that did not prevent the attack and replace any abandoned plugins or themes.

NOTE

If the hackers have infected your database, this is much more difficult, and time-consuming to correct, and can extend the repair time.

How we can help if your site is hacked. (Non-3001Web Clients)

We may still be able to provide this service to you. Please be aware, before contacting us, we would need full access to your hosting account and admin access to your WordPress site. See non client pricing below.

Costs

There is no sugar-coating this. Repairing a hacked site properly is not cheap, this is why we nag you all about security so often.

While there are automated scanners and programs that claim to be able to clean a website, they frequently miss infected files and backdoors allowing re-infection. To do this properly and hopefully prevent re-infection, the job should be done manually by an expert.

Deep Scan To Check For Infections

This can take anywhere from 1 hour to 8 hours. We perform this for a fixed price

Cost for 3001Web Hosting clients £29
Cost for non-3001Web Hosting clients £39

Manual Malware Removal

Our malware removal service includes:

  1. Clean and Fix WordPress, even custom coded sites.
  2. If necessary, installing Custom Website Security just for your site to help Protect Against Future Attacks.
  3. Removing WordPress malware, malicious code, backdoors, trojans, and all viruses.
  4. Fixing browser or link redirection hacks.
  5. Fixing the “This site may be hacked” message on Google.
  6. Performing WordPress malware removal and cleaning up of rogue files.
  7. Helping prevent your site from being reinfected.
  8. We work manually so you don't lose data.

Cost for 3001Web Hosting clients £197
Cost for non-3001Web Hosting clients £249

***Without exception, all fees for malware removal are payable in advance of the service being provided.

While you are not legally obligated to report a website malware infection to authorities in most cases, it is strongly recommended to do so if the malware poses a significant risk to users, such as stealing sensitive information or causing widespread disruption; you should contact relevant cybersecurity agencies or law enforcement depending on your location and the severity of the infection.

Key points to consider:

Immediate action:
If you discover malware on your website, prioritize removing it as soon as possible to protect users.

Report to relevant platforms:
Inform platforms like Google Search Console if your site is flagged for malware, as they can help you resolve the issue and prevent users from being warned about your site.

Contact your hosting provider:
Your web hosting service can assist in identifying and removing malware from your website.

When to contact authorities:

Large-scale impact: If the malware is designed to steal large amounts of data or significantly harm a large number of users.

Sophisticated malware: If the malware is particularly advanced or utilizes new techniques.

Illegal activity: If the malware is used to facilitate illegal activities like phishing or identity theft.

Where to report:

Cybersecurity agencies:
Many countries have dedicated cybersecurity agencies where you can report malware incidents.

Law enforcement:
If the malware is used for criminal activity, consider reporting it to your local law enforcement agency.

3001 Web Hosting Clients Submit Support Ticket
Non-3001Web Hosting Clients Contact Us