We do, in fact. If your WordPress site is hacked while hosted with Kinsta, we’ll work with you to repair the damage for free.
Security Guarantee Limitations Important
Only sites without nulled plugins or themes are covered by our security guarantee. If your site uses a nulled plugin or theme, we won’t be able to remove the malware until the offending plugins and themes are removed.
Our security guarantee includes the following:
An examination of the site as well as a deep scan of the site’s files for malware.
The WordPress core is repaired by installing a fresh copy of the core files.
Infected plugins and themes are identified and removed.
If a malware removal process removes an active plugin or theme, you will be responsible for installing and configuring a new copy of the plugin or theme after the malware removal process is complete. Non-WordPress software and custom scripts are not covered by our security guarantee.
We’ll do everything we can to remove all malware from your site. Malware, on the other hand, is designed to be difficult to detect and remove. This is especially true of infections that have been injected into the site’s database. As a result, a single round of malware removal may not be sufficient in some rare cases. If you see any unusual or malicious behavior after we’ve finished working on your site, please contact our support team and offer as much information as possible so that our malware removal experts can try again to properly remove the infection.
Our security guarantee is conditional on your acceptance of our Terms of Service. While we cannot avoid or remediate all security events, as long as your websites are hosted by Kinsta, we will assist you in fixing malware-related damage to your websites.
How WordPress Sites are Hacked
Server-level compromises are exceedingly uncommon due to the secure nature of our system. Sites that have been hacked while being hosted at Kinsta are infected in one of two ways:
WordPress exploits include the use of old or badly coded plugins and themes, as well as obsolete versions of the WordPress core.
Your WordPress admin, MyKinsta, database, SSH, or SFTP credentials have been compromised by an attacker.
Nulled plugins and themes: using malicious code in “free” nulled versions of premium themes and plugins.
Malware Removal Process
Inspecting a site, scanning it for faults, and eliminating infections can take up to one full working day. Multiple rounds of inspection may be required if the infection is particularly widespread. It may be necessary to restore a site using a backup in some rare cases where it has become corrupted beyond repair.
When malware is removed, infected plugins and themes are often removed, causing the site to break. As a result, we suggest using a plugin to put the site into maintenance mode while the malware is being removed.
Please inform our support staff if you find evidence of malicious code or unusual site behavior.
Steps Taken By Kinsta
Every repaired site will go through a few required phases in our malware removal procedure, which will be performed by our Support team:
WordPress will be reinstalled from the ground up.
Passwords for SFTP, SSH, and databases will all be changed.
If we find infections in the plugins or themes on your site, we will delete the infected components.
Steps You Will Need to Take
We’ll need you to take a few more steps to secure your site after the malware has been removed:
All plugins, themes, and the WordPress core should be updated to the most recent version.
Do not attempt to manually clean and reuse any compromised themes or plugins that our Support staff has recognized and deleted. Download and install fresh copies of these components from the developer’s website.
Examine all WordPress admin users and delete any that are inactive or unfamiliar.
Passwords for all WordPress admin users should be updated.
Passwords for all MyKinsta users should be updated.
Additional site-specific instructions, depending on the infection’s nature.
These actions should be completed within one business day of receiving our request. If you don’t take these extra actions, our Support team won’t be able to remove future infections for free.
Scanning Additional Sites
When one of your sites becomes attacked with malware, you may be concerned that your other sites will become affected as well. Cross-contamination between sites at the server level is not feasible because Kinsta uses a container-based hosting infrastructure.
This means that if there’s no concrete evidence that other sites have been hacked, there’s no reason to believe they’ve been infected.
Site inspections for potential infections are confined to those that show particular signs of infection. In the absence of particular evidence, we recommend using a site-scanning service or plugin like Sucuri Security to ensure the rest of your sites are not compromised.
Infections Discovered During Migration
In our migration process, we perform a deep search of all site files as a normal step. If we discover that your site is infected during a migration, we will interrupt the process and notify you of the problem. There will be two options available to you at that time:
Proceed with the migration and have Kinsta remove the infection; there will be a $100 malware removal fee.
Cancel the transfer, work with a third party or yourself to restore the hacked site in the previous hosting environment, and then reschedule the migration.
Save time, and money, and improve site performance by using:
Expert WordPress hosting assistance is available 24 hours a day, 7 days a week.
Integration with Cloudflare Enterprise.
With 29 data centers across the world, we can reach a global audience.
With our built-in Application Performance Monitoring, you can improve your performance.
All of this and more is included in a single plan that includes no long-term obligations, aided migrations, and a 30-day money-back guarantee. Check out our plans or speak with a sales representative to find the ideal plan for you.
Was this article useful to you?