Do hackers have control of your WordPress website?

Having your WordPress site hacked is a scary experience. Let the experts at Your Right Website fix your hacked WordPress website and remove any malware that may be present. We offer expert WordPress malware removal and we can restore your hacked WordPress website to normal operation. Contact us today for your free consultation.

Schedule a Free Consultation

A man in a skeleton mask with sunglasses that show the reflection of computer code; a hacker.

Think your WordPress site might be hacked? Here’s what to look out for.

Some WordPress website hacks are obvious, while others are more subtle. If you experience any of the following on your WordPress website then your WordPress website might be hacked:

Installation of plugins that you don’t recognize
Unrecognized admin users in your WordPress dashboard
Pop-ups, redirects or captchas on your site that you didn’t put there
Weird results when you search for your site on Google
A sudden drop in website traffic
A warning from your browser or antivirus software when viewing your website
Website defacement, missing content or content you didn’t add
The inability to log in to your WordPress website or account

Here’s how our WordPress malware removal service works:

Our nine step malware removal process will clean and rebuild your hacked WordPress website into one that is clean and free of infection.

Step 1: We make a backup

The first step in getting your site back to normal is that we make a full backup of your website, including all files and database. This way, should anything go wrong as we try to remove the malware, we have a way to restore your website back to a previous state.

Step 2: We move cleanup efforts offline

We’ll begin cleanup of your website by moving all efforts offline using a local development environment. This allows us to build a malware-free copy of your website that will then be used to replace your live website with a version that we know is malware-free.

Step 3: We clean and rebuild your website’s file structure, using a fresh copy of WordPress core

Hackers may have infected the files on your website. Instead of trusting your current copy of WordPress, we’ll rebuild your website using a fresh copy of WordPress and any free plugins that you’re using. For premium plugins, we’ll ask you for a fresh copy as well.

Step 4: We clean and verify any irreplacable files, including your uploads and custom themes

For any files that we can’t replace with a fresh copy, such as files from your media library, we’ll inspect these files and ensure they don’t contain any hidden code or backdoors. We’ll also search your uploads directory for any hidden or malicious files and remove them.

Step 5: We clean your database and remove any malicious users or scripts

We’ll load your WordPress database in a text editor and manually search the database for signs of compromise, such as extra admin users or scripts that may be causing redirections.

Step 6: We get your website working locally and get ready to go live

After we have cleaned your website, we’ll have a copy of your website working on our local computer. We’ll test that the website is working as intended and that no signs of compromise still exist. We’ll also ensure that all plugins and themes are replaced with fully up to date versions. At this point we’re almost ready to replace your hacked live website with our clean copy.

Step 7: We take your live website down and remediate your hosting account

One of the ways that your site could have been hacked is through a compromised hosting account. We’ll remove all files from your hosting account, take your website offline and change all passwords to your hosting and cPanel. This helps to ensure that a compromised login to your hosting is not the source of the hack.

Step 8: We ensure your web hosting is up to date and ready for the clean website

We’ll check your web hosting and ensure that you’re running an up to date version of PHP. If you’re using a control panel like cPanel or Enhance and we find you’re using an out of date version of PHP that could be leading to a site compromise, we’ll switch your site to use the latest version of PHP that your host supports.

Step 9: We replace the hacked copy of your website with our known-good copy

We’ll upload our clean copy of your website to your web server. After cleaning all files on your website as well as the database, along with upgrading your hosting and changing all logins any attack vector hackers may have been using to attack your site should be gone.

Frequently Asked Questions

Have questions about our WordPress malware removal service? We have answers. If you don’t see an answer to your question below then contact us or schedule a free consultation to learn more.

How much does the malware removal service cost?

For our WordPress malware removal service, we charge a rate of $100 an hour. We have a minimum charge of one hour and then we bill in 15 minute increments for any additional time it takes to clean your WordPress website of malware. For the typical WordPress website, it may take between two and four hours to remove any malware, although your site may take longer or shorter than this depending on the size of your website, your web host and the depth of the malware infection.

You can also get our malware removal service for free when you sign up for our managed web hosting for WordPress for a minimum term of one year. When you take advantage of this offer, we’ll clean your WordPress website of malware for free, move your site over to our hosting and then manage all WordPress updates and maintenance going forward, ensuring your site stays up to date and free of future infections.

Can you guarantee that any infection will not come back?

Unfortunately, we cannot guarantee that your site’s infection won’t come back. There are lots of reasons your website might be hacked, including the installation of nulled plugins, compromised admin login credentials or a compromised hosting server. It is entirely possible that we fix any hack on your WordPress website but that your underlying hosting account or your web host’s server is infected, allowing for a quick reinfection. If this happens, the only way to be truly free of the infection would be to switch web hosts or wait for your host to clean their infected server.

In addition, if you’re using nulled or cracked WordPress plugins, using a compromised password or taking other steps that go against best security practices it is likely infection will re-occur.

For the best chance at preventing a re-infection, sign up for our managed web hosting for WordPress where we’ll keep your site up to date and host your site in an isolated container, which will prevent other websites from infecting your website. When you sign up for a year of our managed hosting, you get WordPress malware removal for FREE.

Is there the possibility of data loss due to the malware removal?

Yes. Unfortunately depending on how the hack has affected your website, there is the possibility that some data, including uploads, posts or pages may be lost if they are infected beyond repair. We’ll do our best to ensure that data loss is minimal, however we cannot guarantee that all hacked files or data can be repaired. Any items that cannot be repaired will need to be removed in order to ensure your website is not re-infected.

What is covered under the malware removal service?

We’ll handle any malware infections that have infected your WordPress database, core WordPress files, publicly available plugins and your site’s theme. If you have premium WordPress plugins, we’ll also replace those with fresh copies, which you will need to provide.

We cannot cover any custom functionality of your website that may be vulnerable due to being coded in an insecure way. We can check any custom plugins or functionality for malicious code, however if your website has custom functionality that is coded insecurely remediation of that custom functionality is not included in the scope of this service.

If we discover vulnerable custom code on your website during the malware removal process we will identify that for you and we can give you a quote to fix that as a separate project.

What if you can’t fix my hacked website?

It’s rare, but there may be cases where we can’t fix a website due to the extent of a hack. In that case, you will be billed at our hourly rate of $100 / hour for any work performed.

We’ll keep you updated as to the progress of your site’s malware removal as we progress with the malware removal process and work with you in the rare case that we cannot fix your site’s malware infection.

What sort of access will you need to my website to fix my website?

We’ll need full administrator access to your WordPress dashboard as well as to your hosting control panel, such as cPanel. We’ll also need SFTP and database access. If you are unsure of any of the credentials for these services we can walk you through how to find this information.

If you’re locked out of your WordPress dashboard we can normally restore your access to WordPress once we have the proper information to access your database.

Two Ways To Pay

Pay for our WordPress malware removal service by the hour, or get it for FREE when you sign up for one year of our managed web hosting for WordPress, which includes hosting, security updates and custom Matomo analytics.

Pay By The Hour

$100 / HR

Pay for the actual time it takes us to remove any malware from your WordPress website.

Schedule a Free Consultation

Free WordPress Malware Removal

FREE*

With the purchase of one year of our managed web hosting for WordPress.

Schedule a Free Consultation

* Requires a one year subscription to our managed web hosting for WordPress at $75.00 a month.

Think your website might be hacked? We’ll take a look for free.

If you’re not sure if your WordPress website has been hacked, we can help determine if your website has been compromised for free. Schedule a free consultation with us today and we’ll meet with you to determine the next steps for your website.

Schedule a Call