Usually, it looks like your site is either broken or has clearly been hijacked by someone else. Website may perform some unwanted actions including showing malicious verbiage on your website, sending spam, malvertising, malicious downloads, falling traffic, etc. The most noticeable sign of a hack is when you either receive a warning about it in your browser or notice something obviously wrong with your site like spam ads on your site or search results or noticeable defacement to the site. Another red flag is when your website tries to download something onto visitors’ computers when it’s not supposed to. All these symptoms indicate that your website is either broken or has been hijacked by someone else. 

In addition, there are a handful of other signs that indicate a hacker may have invaded your website. The biggest one is when you start noticing odd browser activity including spam adds, unwanted downloads, strange unrelated warnings and verbiage showing on your screen. Here are some examples of warnings that can signal about potential website hacks. 

  • Google: “This site may harm your computer” or  “This site may be hacked”
  • Chrome: “Warning: Something’s Not Right Here”
  • Internet Explorer: “This website has been reported as unsafe”
  • Safari: “Warning: Visiting this site may harm your computer”

Try searching up your site on google and accessing it through the search results - if instead of your site you are redirected to 3rd party site, this means that your site has malicious code. This is just one of the ways how site can be hijacked. In other cases, we've seen 3rd party links injected into the site template, unnoticeable to the site owner or visitors.


We didn't fully answer your question?
Please get in touch

Having your website hacked is a very stressful time. When the website hack happens, it makes a website owner feeling unsafe and troubled. The danger of hacking will strictly depend on the type of hack. The hacks can vary from simple unwanted actions such as malicious verbiage or temporary losing control over your website to something more severe that can threaten the whole integrity of your online presence. In any case, if this unfortunate event happens, you need follow some basic steps:

React 

It is important to recognize the problem quickly and address it.  While panicking is not the best approach, be aware that the longer the hack is prolonged the more potential harm it can cause. 

Investigate 

Start collecting as much information as you can about what and when it happened. In addition, ensure you know your server login information. This all will be necessary information as part of the process of repairing the hack. Don’t waste your time looking for people to blame. It will only hold you back from solving the problem. 

Don’t rely on easy fix

Be aware that site restore from a backup or automatic cleaning are necessary steps that are part of the process, but they don’t solve the root of the problem behind the hack. Don’t underestimate the problem if you don’t want to be hacked again. 


We didn't fully answer your question?
Please get in touch

The quick answer is “it depends”. It can be fixed within a couple of hours or it can take up to two days. If we deal with experienced hackers, it might take even longer to find out how they attempted to crack the code, block them and back online your website. 


We didn't fully answer your question?
Please get in touch

Most website hacks can be fixed and it doesn’t matter whether your website is built on WordPress, Joomla, Magento, or any other CMS system. The only problem that can’t be fixed is when the hack caused irreversible damage such as website complete destruction. In this case, you can only rely on retrieving all you can from backups. 


We didn't fully answer your question?
Please get in touch

When it comes to the cost of being hacked, it really depends on the hack, but it's always high. The repair can be as simple as to find and remove a file or code added by the hacker. But, if hackers ruined everything on your account, including your site, content and graphics or they infected server / host with malware, then it means you have to replace everything, and it can be much more complicated case. Our emergency recovery service includes malware removal, security upgrade and notification to Google about the hack repair for only $99. Then it makes sense to consider our maintenance service to ensure that this stressful and costly issue will not happen again.


We didn't fully answer your question?
Please get in touch

Search engines do understand that getting hacked is not necessarily your fault, but they also have to protect the people they would otherwise send to your site. Google and other search engines can detect if your website has been hacked and in order to protect users, they will flag it to them.  While it is not your fault, you need to act quickly to save your ranking and to ensure your website is not removed or blacklisted. Unfortunately, when the website is down, your ranking drops too. So if you don’t address the problem quickly, it may impact your rankings.


We didn't fully answer your question?
Please get in touch

During the repair process there is a risk to be hacked. But once we detect the cause of the hack and block it, you are secured from further attacks. Also, to prevent attacks, we monitor and address any small issues ahead of time, so you can be worry-free about the security piece of your website.

 


We didn't fully answer your question?
Please get in touch

You can, however, restoring your site from a backup will make the problem go away only temporarily.  But if you don't determine how the hackers broke in and block them from getting in that way, you will typically just get hacked again within the day or two after you restore your site from backup. If your website got hacked once, it means your website is vulnerable and you will not remove this vulnerability by just restoring it.

Restoring from backup is a short term solution to quickly fix the defacement to avoid reputation damage, while you work on a proper fix. 


We didn't fully answer your question?
Please get in touch

While there are many automated services that can identify and repair the hacked website, the key problem – the cause of the hack – doesn’t go away. It means that your website remains vulnerable and hackers can attack your site again.  At Bastion, we treat the problem from all angles and ensure your website is repaired and protected from potential attacks. Here is what we do:

  • Provide initial clean-up and malware removal
  • Detect the root problem that caused the hack so we can block the hackers from getting back
  • Protect further the website to ensure there is no security gaps

Furthermore, majority of the hacks are automated - which means it's just a matter of hours when automated hacking tool will retry the same exploit which was found previously on your site.

What we provide differs as we not only clean up the initial damage and fine-tune the security of your site, but also determine the cause of the hack so we can make sure that the hack from the same issue won't repeat. Especially if you are running ongoing SEO or marketing campaigns, it is crucial to make sure you don’t keep getting hacked over again.


We didn't fully answer your question?
Please get in touch

Malware Insurance Guarantee is your peace of mind insurance that while your site is under our maintenance you are fully covered in terms of malware/hacking. 

We monitor your site and apply updates as they become available. If an update is an important security patch - it is our goal to apply the update in shortest possible time. 

If, however, your site gets infected with malware before we apply the important security update - we guarantee that we will remove it asap without any extra charges. 


We didn't fully answer your question?
Please get in touch

Our system monitors your sites and as soon as update to the core or plugin becomes available - we know it and start preparing to apply the update. Our team determines how crucial are the changes in that update, whether it's a security update which has to be applied right away, or minor bug fixing for a website plugin. 

A full site backup is then performed (files and database) before we actually start the update process, to ensure we can easily roll back, in case something goes wrong.

Our system will send you an email with all updates performed at the end of the day. 


We didn't fully answer your question?
Please get in touch

You must possess the required licenses for any commercial themes and plugins on your site. In order to update those for you, we will contact you to obtain the licenses for those commercial plugins, if an UPDATE requires the license key.


We didn't fully answer your question?
Please get in touch

First of all, we read the changes (changelog) of every plugin/core release before applying them to your site. Following an update, we validate that your website still operates properly. In case of problem, we restore the previous backup which we did right before running an update for your site. 

We then look into the problem and if it can be fixed within an hour - we will do that without any extra charges. If we see that it cannot be fixed within an hour - we inform you of that and provide a quote for fixes. 


We didn't fully answer your question?
Please get in touch

Sure thing! All you need to do is specify a 4-6 hour window when our team can perform the updates on your website(s) to our support team from within your account.


We didn't fully answer your question?
Please get in touch

If your WordPress installation is a Multisite instance, you'll need a custom plan. Please contact us to get pricing for your particular case.


We didn't fully answer your question?
Please get in touch

Once we detect the source of the hack, we can block it and protect you from hacks.  As technology evolves very fast, other security gaps can emerge, so it’s crucial to keep an eye on the security of your website all the time. At Bastion, we offer ongoing maintenance service to ensure that your website is up and running 24/7 and let you focus on other business matters.


We didn't fully answer your question?
Please get in touch

Yes! We've created a platform called "Citadel" for our customers to view real-time health of their websites. 

In Citadel, you can see your website(s) health, all available updates, plugins & themes, the current status of our maintenance, SSL information, backups status, uptime stats & you can also purchase additional services from there including SSL certificates, dead link checking, penetrations tests, ad-hoc website updates.


We didn't fully answer your question?
Please get in touch

You can contact us through your account - support section or by email.

You can expect a prompt response from 9:00 AM to 6:00 PM (EST) Monday through Friday. After office hours and during the weekend / holidays, we offer limited support.

We always monitor our support channels and ensure that emergency cases are dealt with regardless of the regular support schedule.

This does not apply to the update-windows. We maintain your website updates regardless of the regular support schedule on 24/7 basis.


We didn't fully answer your question?
Please get in touch

The common reasons why your website can be the target of a hack include:

  • Outdated version of your CMS (WordPress, Drupal, Joomla, etc)
  • Old or unsupported themes and plugins.  They should be updated, and ones that are not maintained by the developer should be removed.
  • Poor customization done by a freelancer programmer with questionable experience
  • Badly written custom code 

Most CMS are customizable, which means that you can build your own site, your own theme and add as many functionalities as you need by setting up third party plugins. This also increases the attack surface of the CMS, as each plugin may have its own vulnerabilities and can cause side effects during installation process. 

Running updates and patching vulnerabilities should be done on a regular basis to ensure your website is not at risk.  If you need help to run updates safely, our maintenance plan provides ongoing security support to keep your website up to date and fully performing.

If you’re afraid to run updates because it can break things or you don’t know what to do, our website maintenance plan is exactly what you need. 


We didn't fully answer your question?
Please get in touch

Excellent question. 

Any platform, whether it is WordPress or CraftCMS, is maintained by it's community/developers. Whenever update is released - it contains bug fixes, new features, improvements and most important - security patches. If a major security flaw was identified in the platform core or some plugin, it is crucial to update your site as soon as patch comes out, to avoid possibility of being hacked or infected with malware. And that's why you have us!


We didn't fully answer your question?
Please get in touch

Yes, we do provide such service. You can order it during the checkout process on our site. For more information - please contact us.


We didn't fully answer your question?
Please get in touch

We understand that your business relies on your website and it's important to have your site up and running in shortest period of time. 

Having said that, we start working on your site shortly after you place the order. Most of the sites can be recovered within 2-3 hours. In severe cases, that can take up to 48 hours (if you don't have a backup of your site and both site files and database were altered).


We didn't fully answer your question?
Please get in touch

We will definitely recommend installing a security plugin if you don't have one, though we will never install any plugins without your knowledge or approval.

The only exception is when you sign up for maintenance plan. In order for our system to monitor your site - we will install a website telemetry gathering plugin which we created for this (with tiny footprint).


We didn't fully answer your question?
Please get in touch

Once we analyze and fix your site, we will also provide recommendations on other steps you must take to ensure site does not get compromised again (like changing FTP passwords, in case we didn't have access to your hosting account). 

In case your site is hacked again within 30 days after our restoration service - we will fix it again, without any extra charges. 

The recommendations we will provide for your site will clearly indicate that you have to maintain your site and install updates as soon as they become available and we want to be absolutely transparent and ensure that both you and us are on the same page. If you decide to maintain the site yourself after we restore it for you, and get hacked within those 30 days because of not keeping up with updates, we will have to request you to re-purchase the service to fix your site again. 

 


We didn't fully answer your question?
Please get in touch

When we recover your site, we will always advise you if a plugin/theme has security issues which don't have an update available. In this case, we will either suggest an alternative or provide a quote to fix the security issue for this plugin for you.


We didn't fully answer your question?
Please get in touch

In short - no, you don't have to. When we restore your site from hack/malware - we patch it up with latest available updates and you will be fine for some time. However, if you don't have time to maintain your site after we restore it - we strongly advise on signing up for our maintenance. If site is not maintained, it's just a matter of time when the site will be compromised again.


We didn't fully answer your question?
Please get in touch

Yes, we do. Currently, you can purchase following services right through your account: Website Maintenance, Emergency Malware Recovery (in case your site is not under our maintenance yet), SSL certificates (installation included), Website Penetration Test, Dead Link Checking. 

Aside from these services, we provide full service web development. We can do custom plugins development, content adjustments and anything else you need for your website. Please contact us if you need any of these services.


We didn't fully answer your question?
Please get in touch

Yes, we can.  At Bastion, we perform comprehensive security audits for your website, your server, your web application, or any combination of those.  If you need help with a security audit, please contact us.


We didn't fully answer your question?
Please get in touch

Yes, there is an option to combine our maintenance services with your core services, whether is a design or development. Some clients need to have a company they can refer to their own clients, in case their website is hacked. For more information on reselling our maintenance services, please contact us


We didn't fully answer your question?
Please get in touch

At Bastion, we often deal with a situation when rebuilding a website is the best solution. Unfortunately, there are many so called “CMS experts” that take advantage of a client by offering inappropriate web solutions, including building plugins that already exist, using raw PHP code to “shell your CMS” for a custom theme, intentionally choosing PHP framework for small websites instead of using a CMS platform, or squeezing CMS in a custom website. All these methods are needless and make your website more vulnerable and unstable. If you need help to rebuild a website, contact us.


We didn't fully answer your question?
Please get in touch

If you host an email account and your website on the same server then we can solve your problem. Eventually, the ability to help will depend on your unique email settings. 


We didn't fully answer your question?
Please get in touch

Fixing hacked social media accounts is out of scope of our services. If it happens, we suggest contacting a social network for their assistance. 


We didn't fully answer your question?
Please get in touch

You can pay with PayPal or with any major credit / debit card. Payments are handled securely by our payment provider- 2Checkout. 

Please note, if your recurring payment fails to renew, your subscription will be automatically paused and website maintenance or daily backups will not be performed anymore.


We didn't fully answer your question?
Please get in touch

If for any reasons you are not satisfied with our monthly maintenance service, you are entitled to pro-rated refund for the time left during maintenance month. For all other products, we will gladly refund the fee if the service wasn’t performed/provided yet.


We didn't fully answer your question?
Please get in touch

Yes. We offer a 50% discount for charities and non-profit organizations. Simply contact us with the supporting documents and we'll set you up. 


We didn't fully answer your question?
Please get in touch

Yes, you can. Just open a support ticket once you login to your account.

You will continue to receive maintenance service for your websites until the end of the subscription date unless you request a refund. Subscription will not renew automatically.


We didn't fully answer your question?
Please get in touch

Critical Gears is our parent company and main system developers. Our payment provider is 2Checkout.com. For that reason, you may see following on your bank statement:

  • 2CO.COM*criticalgears
  • 2CO.com*criticalgears
  • criticalgears
  • criticalgears*2Checkou
  • criticalgears.com

We didn't fully answer your question?
Please get in touch

Yes! If you own a marketing, design or development company, or just have lots of WordPress (or CraftCMS) clients for whom you need to maintain their sites - we'll be happy to discuss options of reselling our services.


We didn't fully answer your question?
Please get in touch

We're currently working on affiliate system. If you're interested in re-selling our services, please get in touch and we'll be happy to discuss it.


We didn't fully answer your question?
Please get in touch

More than one website to maintain?