If your small business website has been defaced, breached or hacked in some way - we can help analyse, remove the bad code, and secure your website.
Don't worry - this does happen more often than you think to open source web software such as Wordpress and Drupal. Usually this is a direct result of not updating your website.
Normally, a virus will spread from website to website looking for an insecurity, exploiting it and planting code which may inject advertising, malware, spamware or other exploits.
If you find yourself in this situation, you have almost certainly not been targetted - just the unlucky victim of a virus as it spreads around the internet.
Often this stems from missing important security updates. This can also stem from missing best practices such as default permissions, bad third party plugins or themes and more.
We first run through basic best security practices - for example: if you are running a Wordpress website, we run through file and directory permissions, plugin and theme versions and other basic best security practices. We also run through your web server logs to attempt to find the initial time and request which exploited your site.
Using various linux tools such as diff enables us to sort through changed code - comparing it to your current code. Other tools enable us to find obfuscated code - a technique often used by virus authors to make reverse engineering more challenging.
We run through best security practices for your web server and application - ensuring secure file permissions, plugins and themes, ports and more. We remove all infected code and search through your content for injected SEO links and more.
We send you a report of all findings - often including approximate date and time of breach, modified and obfuscated malicious code, a brief overview of what the virus' main function was, and steps to ensure this doesn't happen in the future.
If the breach was recent, all we would have to do is restore your website from a backup. :-)