Repairing Hacked Websites,WordPress,Joomla,others
Please contact us

WebRepair repairs an average of 40+ websites a month.

Our diverse clientele includes public institutions, companies, and web development companies.

We can repair WordPress, EC-Cube, Joomla, and other CMS sites. We can also repair non-CMS websites. We have many samples of code used to attack websites, and we are always confronted with new ways of attacking sites.

With our accumulated experience and accomplished record of repairing websites, you can feel at ease with our services.

We enter website security contests.

WebRepair also participates in SECCON (security contest) to constantly improve our skills and to also train people new to website security.


Normal Repair Plan
Repair time: Within three business days (24 hours per day)
Warranty period: Three months after completion of repairs. Any recurrence of tampering within this period will be fixed for free.
Examination Report:
Summary (basic overview): $319 (excluding tax)
Evaluation Report (detailed report for publicly traded companies for external and public scrutiny): $900 and up (excluding tax)
Repair operation during non-business hours (weekends and national holidays): Pricing increases by 25%.
Nighttime repair operation (10:00 p.m. to 6:00 a.m.): Pricing increases by 25%. For repairs requested at night on a company holiday, there will be a 50% increase in pricing.

1. File downloading and examination.

First, give us the URL of the infected WordPress site and the site’s login information.

(If you do not want to give us your server information, you can send us all the website files that you downloaded. In this case, we will not be able to check the file permissions [authorized access]. Also, if malicious files are still being uploaded to your site, the site will not exactly match the files you downloaded for us.)

Check the current condition of the website tampering and operation. Then download the files and databases (SQL files).

In many cases, we can tell what attack method was used just by accessing and inspecting the server. There are cases when malicious files continue to be uploaded.

In such cases, we will first block unauthorized access to the website, then start the repair work.

2. Inspection of logs (optional).

After you send us the server’s log, we will try to identify the attacker’s IP address.

Unfortunately, since it is easy for the attacker to mask the actual IP address, we cannot always identify the attacker’s true IP address. If we cannot identify the IP address used in the attack, we will not be able to identify the attacker.

(If you are using a rental server and cannot obtain the log, we might not be able to check the log.)

3. Eradication.

We will closely examine the downloaded files and look for any unauthorized files or any operations affected by malicious files.

We will find and eradicate all malicious files and also scan for any viruses.

As of the end of September 2013, WebRepair has repaired 243 websites. Since we have many samples of malicious files, we are aware of the attackers’ methods and past cases. This helps us formulate solutions.

4. Countermeasures to prevent a recurrence.

After we know the cause of the problem, we execute countermeasures to prevent a recurrence.

We also do a security check and patch anything that is vulnerable.

This is how we prevent website tampering by other methods.