Every hour your site is down costs you money… from lost sales, to wasted advertising dollars, to fielding angry phone calls. When your business is on the line, waiting around just is not an option.
Website malware cleanup without preventive security. Preventive security without backups. What good is a company really doing for you when they define security as only one part of the whole problem?
What good is malware removal without preventive security if the hack will just come back in 2 weeks? Unlike others, we simply won’t do a hack repair that doesn’t also include security protections.
The most likely time for a hacker to try to break back into your site is right after you clean up the malware and secure the site. You should never have to pay twice for the same clean up service inside of a month.
Getting a confusing email response every 2-3 hours while working with your “support” team isn’t helpful when the chips are down. That’s why we make a point to keep our phone lines open.
If the problem can’t be fixed, you shouldn’t have to pay for the process of finding that out. In the event that your site can’t be repaired you won’t even need to ask. We’ll refund your money with no questions asked.
Assess the Damage: Quickly
While website hacks and malware have a limited number of variations, some of them are known for doing more damage to your website and your business than others – particularly if you have been hacked more than once.
By the same token, every company has different security needs. A bank or an e-commerce site with tens of thousands of daily visitors, paid marketing campaigns, and the like are going to need much more security to keep their site stable than a mom and pop shop with only one hundred site visitors per month.
The first order of business is to determine what the right fit is for your business. Too much security would just mean unnecessary cost. Too little would mean too much liability. But with the right balance, you can stop worrying about security and get back to worrying about what matters most to your business – growth.
Clean Up the Mess: Completely
Waiting days for an email reply from a faceless security and support rep is inexcusable. If your website is down due to a security breach, the odds are good that while you’re waiting around for someone to get back you, your business is burning to the ground – with marketing dollars going down the drain, sales virtually stopped, and a flood of support calls coming in from your customers all at the same time. What good is a security company if you can’t even get ahold of them when you really need them?
Once the assessment is done, the next order of business is to get the site cleaned up – quickly and completely. Because the one thing you can bet on is that if the site isn’t completely cleaned on the first run – with either hacker backdoors or malware left on the site – the damage is going to return and likely with a vengeance. And the truth is that having to deal with this once is bad enough… let alone having to repeat this whole ordeal.
Once the site is back online, the proper marketing partners need to know. Google needs to know you are clean and any blacklists you may have landed on need to clear you so that your business can get back to normal operations.
Secure the Site: At All
Once the clean up is done, we need to lock the doors. After all, if you don’t lay down appropriate security after a clean up, the same hackers that took down your site in the first place will just be back to hack you again. And then you would have to repeat this whole painstaking process.
That’s why, unlike other security organizations, we make it a point to include basic security lockdowns in every hack repair that we do. What would be the point of cleaning up a mess without doing that if you’re just going to get hacked again in 2 weeks?
That’s part of what we call “full problem ownership”. While some companies may offer security without hack repair or malware removal, others might offer maintenance or backup without security. But as a business, you need all of the above to be secure and it’s preferable if you don’t have to work with 10 different companies and a go between to take care of all of those things.
Stay Protected: Future Proof
The last step in the process is to keep the site clean for 30 days. Since the most likely time for a repeat breach by the same hacker is in the month following the first hack, we make it a point to monitor the site for 30 days after a breach. If the hack comes back, we take care of the problem again and adjust the security at no extra charge to you. And if the attacker is particularly good at breaching your site, then we can recommend additional or next steps to ensure that you have the right fit security for your business.
Of course, a flu shot is only good for a season. And since hacks and malware are seasonal – each season lasting around a month – it’s imperative to make sure that your site is able to defend against the threats that arise that month. If your business simply can’t afford to deal with another large scale website hack or malware infection again, then ongoing intrusion monitoring, emergency response clean up, backups and security updates are all part of what you need to keep the damage that your business can incur at a minimum. If that’s what you need for your business, check out our security plans to stay protected at all times.
As a website owner, very little can leave you feeling shocked and vulnerable more than when your website it hacked – and rightly so. The hack could be as simple as having some unwanted verbiage on your website or temporarily losing control over your site. But given the right circumstances, the hack could be much more severe. If your business depends on the leads and sales you receive from your site, you could potentially be looking at lost revenues or customers because of the hack. And one thing is certain no matter what the hack is. If you don’t act quickly, it will leave more permanent scars on your site by damaging your SEO, your online reputation, or worse.
When you think you’re site has been hacked:
Do NOT panic! Panicking will not help you fix the problem.
DO act quickly. Waiting will only allow the damage to set in.
Do NOT waste time looking for people to blame. Many times you won’t find anyone to blame but yourself. It’s better to just deal with the problem and move on.
Do NOT expect a site restore from a backup or automatic cleaning to make the problem go away. Those tools are helpful parts of the process, but without addressing the root problem behind the hack, you’ll just get hacked again and likely worse than you were hacked the first time.
Do start gathering up as much information as you can about what happened, when it happened, and what your server login information is. That will all be necessary information as part of the process of repairing the hack.
Get started with your hack repair now!
In most cases, it looks like your site is either broken or has clearly been hijacked by someone else. In many cases, it will also be advertising or doing something you didn’t ask it to like advertising offshore pharmaceuticals, sending spam, or downloading viruses onto visitors’ computers.
The biggest sign of a hack is when you either receive a warning about it or notice something obviously wrong with your site like spam ads on your site or search results or noticeable defacement to the site. Another red flag is when your website tries to download something onto visitors’ computers when it’s not supposed to.
The most common warnings about suspected hacked sites are:
Google: “This site may harm your computer”
Google: “This site may be compromised”
Google: “This site may harm your device”
Google: “This site may be hacked”
Chrome: “Warning: Something’s Not Right Here”
Chrome: “Danger: Malware Ahead”
Firefox: “Reported Attack Site”
Internet Explorer: “This website has been reported as unsafe”
Safari: “Warning: Visiting this site may harm your computer”
There are several kinds of hack including (but not limited to):
SQL injection – Where a hacker either inserts bogus content or user accounts into your site or pulls data they should not have out of the site (e.g. user accounts)
Spam hacks – Spam hacks involve using your site as a marketing tool for something else like pharmaceuticals (called the “pharma hack” or “pharma injection”), watches, or services in other languages. Sometimes this comes in the form of spam comments. Other times it’s in the form of content on your site (pages, parts of pages, etc).
SEO or Google hacks – SEO hacks are when the hackers only display their hack to Google so they can improve their own SEO rankings or site traffic. Typically the first sign that you’ve been hit with this hack is a warning like “This site may be compromised” or “This site may harm your computer” next to your website links in Google.
Base64 hacks – This hack allows a hacker to run whatever code they want to run on your website in a well-hidden way because they are “obfuscating” their code so it’s not easily readable. Usually between hiding the code and clever naming of the files that they infect, they are able to hide what they are doing making it easy to notice that you have been hacked, but hard for most webmasters to find the hacks. These base64 hacks using base64_encode or base64_decode functions from PHP are some of the more common hacks and span the realm of hack types from spam hacks, redirection, unauthorized downloads, back doors, botnet server control, mass emails and more.
Eval hacks – While some hacker code tries to hide via base64 encoding, some of the newer breeds of hack use alternative methods of hiding their hack code like displaying their code in reverse order so you can’t search for it manually, breaking up the code into blocks of say 5 characters at a time and then combining those, or downloading the code they use from a hacker’s website when the page loads so that the hack code largely isn’t even on your site.
Server rooting – While many hacks target holes in the security of the website, some hacks target vulnerabilities in the the server. In some cases this is related to unapplied security patches to your server’s hosting software or operating system. In other cases, the hacker finds a way to upload “rooting” tools to your server so they can take over the master user account on the server and completely control your server – not just your website.
Brute force hacks – While newer hacks use more sophisticated methods of detecting security flaws, modern computing power has made it still feasible to try brute forcing your way into a website. In some cases, the hacker will try brute force to log into your website admin (e.g. WordPress, Drupal, or Joomla). In other cases, they’ll target your FTP, registrar, hosting, or SSH logins to gain some larger control over your site, your domain, or your hosting control panel.
Vulnerability probing – In the same vain as brute force attacks, there are also brute force methods of searching for security vulnerabilities. Either through freely available hacker software or their own custom written malware, if you notice a spike in 404 errors on your site for pages that do not nor ever have existed, it’s likely that your website is being probed for security holes so that a hacker can find one to break into your site.
Denial of Service or “DDoS” hacks – DDoS hacks are intended for one purpose: to bring your site down. While not the most common type of attack, a DDoS can be devastating for a site owner who does not know how to combat it because a distributed list of requests to your website from all over the world simply overwhelm your site and keep it down until the DDoS is over or you find a way around it.
Botnet or mass email hacks – Botnet hacks are hacks intended to control multiple servers or websites to distribute some sort of content (emails, website spam, malware, etc). In some cases, a hack will also take over your server by sending thousands of emails out to distribute spam or phishing emails to as many people as possible. Frequently such hacks will find your website and/or email addresses blacklisted and your webhost will often shut down your site when they detect such hacks.
Vanity hacks – Vanity hacks are when a hacker hacks your site for prestige to show that they can hack sites. Usually these are denoted by messaged that say “hacked by…” and the name of the hacker.
Fraud or data theft hacks – For sites with large lists of users or that contain e-commerce or donation components, hackers may also try to break into the site to steal user or credit card data, put a tap on credit card forms to steal credit card info on the fly as your site processes credit cards, or even in some cases to buy from or donate to you using your online e-commerce or donation components to test a bunch of stolen credit cards.
It can. Google and other search engines do understand that getting hacked is not necessarily your fault, but they also have to protect the people they would otherwise send to your site. Once they find out that you have been hacked, they warn people about that before letting them visit your site. If you don’t address the problem quickly, they may also dock your search rank.
That depends on the hack. In most cases it can be fixed within a day or two. But when you’ve been hacked by a savvy hacker, it can take more time to determine how they’re breaking in and to block them.
It depends on the hack. If the hackers simply added some code or files to your site, it’s usually pretty quick to remove that. If they have done damage to the content or appearance of your site or if they have infected your server/hosting with malware also, it’s a much more complicated fix. In many cases, the hack can be removed, your site can be upgraded to more modern security practices, and Google can be notified about the hack repair for only $250. Once you submit your site information to us, we can investigate provide you with a more exact estimate based on your unique situation.
Yes and no. Yes, restoring your site from a backup will make the problem go away temporarily. But if you determine how the hackers broke in and block them from getting in that way, you will typically just get hacked again within the day or two after you restore your site.
Yes and no. Yes, there are tools that can identify and remove hacked files, but those tools won’t also fix the source of the hack and that means the hackers will be back and will just hack your site again. What we provide differs as we not only clean up the initial damage, but also stick with you to determine the cause of the hack so we can block the hackers from getting back into your site again. Especially if you’re running ongoing SEO or marketing campaigns, it is crucial to make sure you don’t keep getting hacked over again.
During the repair process, it is possible to get hacked again, but once we’ve identified the cause of the hack and blocked it, you won’t be able to be hacked again unless another cause arises that is not quickly addressed. In addition to repairing the hack, we can also monitor and address such issues for you on an ongoing basis so you don’t even have to think about the security components of your site.
Yes. Once we have identified the cause of the hack, we can block it. As technology changes, though, other security holes may pop up, so it’s important to stay on top of the security on your site all the time. If you like, we can handle that ongoing maintenance for you as well so you can focus on what matters most to you – running your website rather than fixing it.
The most common causes of website hacks is running old versions of your CMS (WordPress, Drupal, Joomla, etc), old or unsupported plugins/themes, or shoddy customizations done by another freelance programmer. That said, most CMS systems have core vulnerabilities intentionally in place because plugging those security vulnerabilities is either a different process for different hosting platforms or will likely cause side effects with a common collection of plugins and themes. If you’re afraid to run updates because it can break things as well or don’t know what to do, we can also maintain that for you with our ongoing security and maintenance plans.
Yes we do. If you have a clean/unhacked WordPress, Drupal, or Joomla website and just need someone to ensure that it stays that way, we can take over the routine maintenance and security of the site. Our maintenance plans include:
Monthly WordPress/Drupal/Joomla, plugin, and theme updates
Tweaks to your site and theme to fix small incompatibilities or breakages that arise from installing updates
Monthly website backups
Ongoing hack and malware monitoring
Free hack repairs during the life of the maintenance program
Pricing on our maintenance plans runs $30/month or $330/year (one month free when paid annually).
Yes. A lot of our clients have coupled our security and maintenance services with their own maintenance, marketing, development, or design services. Others simply need someone to turn to if their clients websites get hacked. For questions about reselling our services or to get a copy of our maintenance agreements for use reselling our services, contact us at [email protected] or call us at 405-562-6360.
Yes. One of the more common things that we do here at UnHack.Us is rebuild websites in the “correct way”. Frequently self proclaimed “CMS experts” will try to extend your website by building custom plugins for features that already exist inside your CMS, by using raw PHP code to “shell your CMS” for a custom theme, by using a super powerful PHP framework for a basic website instead of a using a CMS, or by sandwiching your CMS into another part of a custom site they have built for you. Most of these methods are completely unnecessary and amount to an insecure website that feels like a “house of cards” even for the people using your site that know nothing about coding.
If you need a quote for a site rebuild, email us at [email protected] or call us at 405-562-6360.
Yes. We can run security audits for your website, your server, your web application, or any combination of those. For help with a security audit, email us at [email protected] or call us at 405-562-6360.
Not at this time.
If you host your email accounts on the same server that you host your website than many times we can help, yes. Ultimately, it depends on your unique email setup as to who has the ability to help.
In most cases, no. If you’re social networking account(s) have been hacked, the best source of help will be contacting that social network to let them know and ask them for assistance.<
Great for all sites
Great for business
Best for business
I made the call and UnHack.Us took away all my doubts and fears in minutes. They answered all my questions seamlessly.
Contacting you was the best decision ever. You exceeded my expectations and went above and beyond the call of duty.
Really appreciate your help a lot, during Christmas and weekends, I am so satisfied with your service so far, thanks!
Fill out the form below to request a call back for help