Incident response, malware removal and hack recovery.


If your online business is hacked or compromised by a malware or virus, the consequences will be not only that your site will be included in Google and the other search engines blacklist, but it could damage your reputation and consequently, might determine significant financial loss.

Our malware removal and hack recovery service includes:

  • Removing any harmful application (code injection, backdoor etc) from your site or server.

  • Finding and patching the vulnerability that was used to hack it.

  • Securing it in order to avoid any similar problem in the future.

  • One-month monitoring of your site.

  • One-year NinjaFirewall license offered (WP+ or Pro+).


  • Our website has been hacked or infected by a virus, what should we do?

    1. Change all your passwords (FTP, cPanel/Plesk, SSH etc). Make sure you are doing this from a safe computer that is not infected by any virus or keylogger.

    2. Do not stop/restart any service (HTTP server etc) or, even worse, reboot your server. Such actions would delete many details that are critical to our work.

    3. Do not modify or delete any file (infected file, listening backdoor etc).

    4. If your website was infected by a malware, protect your visitors by redirecting them to a maintenance page with the help of a .htaccess file. If you already have a .htaccess file, make sure it was not tampered with; otherwise rename it and create an new one.
      Example of .htaccess redirecting to a "maintenance.html" page. Put this code on top of the file and replace '' with your own domain name:

      RewriteEngine on
      RewriteCond %{SCRIPT_FILENAME} !maintenance.html
      RewriteRule . [R=302,L]

      By taking this step, you will also prevent your site from getting blacklisted by search engines such as Google.

  • What kind of access to the site or server do you need?

    In the case of a fully compromised dedicated or VPS server, root access (SSH) will be required. For a shared hosting account, FTP and logs access are requisite. If there is an administration panel installed (cPanel/WHM, Plesk, Webmin), it will be helpful to have an access to it.

    Note that a direct access to the website or server is required, as no work will be possible through a desktop sharing application (e.g., TeamViewer).

  • I have 5 websites but 3 of them consist only of a few HTML pages. Will you charge me the full price for 5 websites?

    We will bill you two websites and an additional small fee for the three HTML ones. Do not hesitate to contact us, we'll provide you with a more accurate quotation.