WordPress and Website Hack Repair

WordPress and Website Hack Repair

If you are experiencing an emergency and need to speak to someone directly then please call 01925 500 121 or use the live chat on this page. We can heal and repair your hacked WordPress site by following a strict sequence of steps which are described below. In order to make this article educational I will document the steps taken to fix a hacked WordPress site:

The Anatomy of WordPress and cutting out the WordPress core

I think of WordPress in two parts, for the first part we have the core of WordPress, the bit of WordPress that is the same on every single website, essentially the core CMS platform itself. Then secondly we have wp-content folder which is home to the customisations in your site, the theme, the plugins, everything that makes it different from another WordPress site.

If your website has been hacked or defaced then any file within both core and custom areas of the file system might be infected. To eliminate a huge portion of the search for injections, we simply delete the whole installation and leave the wp-content folder and the wp-config.php and .htaccess files intact. Everything else is literally deleted from the hosting account.

Reinstallation of WordPress and scanning of wp-content

We now download the latest version of WordPress and transfer all of the files onto the hosting account, we have essentially now merged a brand new latest version of WordPress with the customers custom site. Effectively you end up with a clean and up to date WordPress site which has now got infections only within the wp-content folder.

We install WordFence on the site and execute a full scan using WordFence. At the same time we use Maldet (malware detect) and ClamAV which are very popular Linux virus scanners. We then discover a list of injected theme files and plugin files. Infected plugins are deleted and reinstalled from the trusted source, and we flag these plugins for review later.

Audit and upgrade site plugins

If a plugin was infected we check if the plugin was up to date or not. If the plugin was up to date, but is old, we recommend to the customer that the plugin should be replaced with a secure alternative. We can also provide a quotation for the implementation of the new plugin replacement. If the plugin was not up to date then we trash the infected plugin and download the latest version from the trusted source.

Manual inspection of template files for malware injections

We scan through each of the theme template files manually, visually looking for the presence of byte encoded or obfuscated code, our experienced security person can quickly spot these injections and remove them. We look at the file system timestamps for recent edits.

Manual inspection of plugin files for malware injections

We scan through each of the plugin files manually, visually looking for the presence of byte encoded or obfuscated code, our experienced security person can quickly spot these injections and remove them. We look at the file system timestamps for recent edits.

Manual inspection of .htaccess file and WordPress core folder

We manually inspect the htaccess file for redirects, and unexpected directives.

Handover site back to the customer

If all scans and manual inspections come back clean, then we are willing to call the site fixed and hand it back to the customer. In most cases the fixed site will be in a better state than the original, even before it was hacked because the customer has a fully updated WordPress site with updated plugins. We also return the site to the customer with a security firewall installed on it.

For this service, we charge a one-off rate of £60.00 which includes 3 months of reinfection cover, if the site becomes reinfected within 90 days we will continue to work on it at no extra charge.

Create Account Contact Us

Why Choose Us For WordPress and Website Hack Repair?

We’ve got plenty of experience fixing WordPress and have repaired many sites, we’ve pretty much seen it all before and can quickly diagnose and fix an insecure site.

If you feel that your current service or support isn’t fit for purpose, then we will give you a completely FREE hosting migration whereby we copy your website, emails and databases across to our server and from then we can support you going forward. Read more information about the managed web hosting service

We can run very thorough malware scans that will find hacked files. We use MALDET and ClamAV for this purpose. In our upcoming server update due in March 2019 we are rolling out immunifyAV instead. This will provide you will the industries most sophisticated malware detection platform.

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Dolore impedit quae repellendus provident dolor iure poss imusven am aliquam. Officiis totam ea laborum deser unt vonsess. iure poss imusven am aliquamLorem ipsum dolor sit amet, consectetur adipisicing elit.

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Dolore impedit quae repellendus provident dolor iure poss imusven am aliquam. Officiis totam ea laborum deser unt vonsess. iure poss imusven am aliquamLorem ipsum dolor sit amet, consectetur adipisicing elit.

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Dolore impedit quae repellendus provident dolor iure poss imusven am aliquam. Officiis totam ea laborum deser unt vonsess. iure poss imusven am aliquamLorem ipsum dolor sit amet, consectetur adipisicing elit.

Our Client Say

Michael constantly goes out of his way to make sure his customers are happy

- IT Services 4 Me Limited https://www.facebook.com/borgdigital/reviews/

It has gone smoother than I could ever imagine

- Andrew Penketh - ADP Web Design https://www.facebook.com/borgdigital/reviews/

My website is now super quick

- Les Amos - Warrington Direct https://www.facebook.com/borgdigital/reviews/

Amazing Service

- Nick Jackson Marketing https://www.facebook.com/borgdigital/reviews/

We felt really lucky when we were given Mikes number…

- Mark Boardman - HTS Clinics https://www.facebook.com/borgdigital/reviews/

I am thoroughly impressed with Borg Digital…

- Rachel Evans - Facebook Review https://www.facebook.com/borgdigital/reviews/

Fast, really really fast!

- Lewis Mercer - Facebook Review https://www.facebook.com/borgdigital/reviews/

0

Customer relationships

0

websites managed

0

positive reviews

0

Awards Won