Restoration and securing of hacked and compromised websites

Hacked websites can be disastrous for your search engine rankings - not to mention your clients and business. 

What we do

We offer the following services:

  • Restore hacked and compromised files on your web server where possible (sometimes this can even be done if all files have been deleted - although this is not always possible). 
  • Secure your database and website so that the chances of another hack are minimal.
  • Analyse where the attack may have come from internally (e.g. a virus on a computer in your company, a compromised email or social network account) and work with you to bolster up any weak areas we find so the chances of these compromises happening again are reduced to a minimum. 

We also offer the above services where a site has not been hacked i.e. if you'd simply like to reduce the risks of this happening. 

Costs

For sites that have already been hacked, we analyse the damage on your site and let you know if we believe we could restore it and approximately how long this would take. This analysis is done at an extremely competitive rate. 

From there you can decide if you'd like the full service described above or only part of it.

For sites that have not been compromised, but for which you'd like to have a security audit on, the service is the same i.e. an initial analysis, a quote and then onto strengthening the site against possible attacks.

All projects are charged by the hour. Please see our FAQ below for more information on this. 

Frequently Asked Questions

  • Do you fix up our search engine listings as well once the site hack has been fixed? 
    We work with you to inform search engines that the site hack and any malicious software has been removed from your site using their official reporting forms but we cannot guarantee the speed with which they will respond to these reports as we do not have any direct line to any search engines (nor do any other companies in this business). 

    In our experience, however, these reports generally get acted on rather quickly. 
     
  • Do you require our passwords to secure our website? 
    Some of them. All passwords provided will be kept in the strictest of confidence, strongly encrypted and stored in a very secure manner.

    Please note that we will never ask you for your password via email

    Once we are finished with our work you are encouraged (in fact, we insist on it) to change any and all of your passwords whether you shared them with us or not. 
     
  • We deal with sensitive client information. Can you be trusted? 
    All information you share with us will be kept in the strictest of confidence and never shared with third-parties. We cannot, however, guarantee that the information has not already been previously disclosed as a result of any compromises of your website or internal systems. 
     
  • Why do you charge by the hour? 
    In restoring your website we may come across more security holes or problems than originally expected. This is a common problem. We will always quote a little above our expectation so that there are no "surprises" on your bill but we will only ever charge you for the time we actually spend on the project (i.e. if we estimate and quote you for 10 hours and take 8, we would bill you only 8). 

    This is a non-negotiable point unfortunately as we have absolutely no control over the state of your web-server nor any weaknesses we may find on your site, your company's choice of passwords, anti-virus software (or lack thereof), operating system errors, lack of software and server updates, etc. 

    We will, however, keep you informed every step of the way as to costs and if at any point you wish to terminate our services we will bill you only for the time we spent and provide you with a full report of any additional weaknesses we may have found by that time. You are then welcome to get these weaknesses fixed by another company, or to leave them unfixed altogether. 

    We will keep you informed every step of the way. 
     
  • Do you guarantee that our site will never be hacked again?
    No, as many aspects of this are, to a large degree, far beyond our control. For example, your IT department could change your passwords to weaker ones one day by mistake.  Also, new, previously unknown vulnerabilities in software and the web are always being discovered. We have no control over these. 

    We do, however, do our best to ensure that you and, if you wish, your staff are fully informed as to how to best protect company-sensitive information as well as ensure that all possible avenues of attack for your site have been minimised. 

    If you'd like, you could also call us once a month or so to review your site's security so as to reduce any future attacks even further. 
     
  • What about DDoS attacks? Can you protect us from those? 
    Yes and no. Unfortunately, the success of a Denial-of-Service attack is largely dependent on the type and setup of your site's server - as well as how well it is maintained. We do not offer hosting services but, if DDoS attacks are common to your organisation we can suggest some companies to host with that offer this as one of their features. 

    There also other ways to minimise the chances of these kinds of attacks. We can guide you in implementing these if you wish. 
     
  • How do websites get hacked? 
    In many different ways. Most of the attacks visible on the web today are actually not very advanced and come from commonly known and easily exploited flaws in different systems. 
     
  • There are many such possible flaws and to list them all would take a book (in fact, it has).

    Then there are more advanced attacks. These are rarer as they require more advanced knowledge of web servers to execute.