Unfortunately it is all too common to find that hacked websites are operated by users who for whatever reason have no viable back-ups available to them. Where a website is hacked and there is no usable back-up available, there are two ways to end up with a clean set of files complete with all of your add-ons but without any dropped files.
Method 1: Cleaning the hacker files and hardening security
Cleaning up after your website as been hacked involves removing code or files that don't belong within your files and folders. Files that have been tampered with will be overwritten with clean, new, up-to-date files. This process requires automated scanning and some human intuitive snooping. Whilst this is the quicker of the two methods it is somewhat less thorough than the more comprehensive 'full clean re-build'.
Scan For Hacker Files
Content Management Systems are built from hundreds of folders containing thousands of files. Everyone has installed some form of plugin to extend their website. Some sites will have modified core files, this is a nightmare when it comes to cleaning up websites after a hacking incident, knowing what is needed to keep the site working is a skill all of its own. When you see reports of sites being hacked time and time again - it is invariably due to hacker files left behind creating back-doors which future hacking attacks will use.
The way we clean hacked websites
- We clean out the hacker files
- If log files are available we will trace the initial vector through which the site was compromised - usually an outdated extension - and we will update the extension and the core CMS itself if required
- We will install our own anti-hacker protection tools which massively increases the security of the website
- Unlike other 'security experts' we assure the quality of our work - we stand by our work and we stand by our clients and their websites. Read below for how we guarantee our work and your security.
Method 2: In-depth reworking of the CMS and hardening security
This service is targeted at clients who have made extensive customisations to core CMS files. Our standard in-situ de-hack service usually includes overwriting your core CMS files with a clean copy. For clients who have made extensive customisations this can be an issue - and whilst the process of editing core files is frowned upon, we do fully understand that sometimes business necessities override 'best practise'. Sometimes you just have to get the desired end result.
In these circumstances, the securing of a site involves significantly more work. We have to compare your files against 'clean' files and make sure that your edits are present but that a hacker hasn't inserted some edits of his own. Fortunately we are very good at what we do and so even though it is a significant extra workload, we have managed to keep down the extra cost implications to a minimum. We feel that this fee represents excellent value for money.
Our Security Guarantee
After we have de-hacked and secured your website we stand by you. We are not quick in and out merchants - we do not just take the money and run.
After approximately seven days we check your website again - and again after approximately thirty days.
If for some reason your website is re-compromised within this period, we will de-hack your website for free. Not only that, but your 30 day guarantee starts over. We are the only company we know of that guarantees our de-hacking in the manner described.
We can offer this guarantee because we are so good at what we do. We know that the odds of a recurrence of your issue are super model slim - and that if something does go wrong you deserve to be protected and not charged again. If you are thinking of using one of our competitors ask them if they offer a similar guarantee, and if they do not, ask yourself why not.