Hacked Website iconHas your Joomla!® site been hacked? 

Don't Panic!

Every week, we help new clients recover their hacked Joomla websites, tighten the security on their site and reduce their risk of a second (or third, or fourth) hacking attack.


Here's what Polished Geek does to get your site back up in a safe manner:

  1. We gain access to the site with the credential you provide for your admin and hosting account, and then create a full Akeeba backup to work from.
  2. If your current hosting company has suspended your site, we will bring the copy up on an isolated development site on our server, so we can have 100% access to the site and work more quickly
  3. Next we run a full Joomla specific security audit, which usually finds everything the hosting company has flagged, and usually a lot more
  4. One of our qualified Joomla developers reviews and fixes all malicious code identified
  5. A developer will analyze the installed 3rd party extensions for upgrades, and upgrade any that are needed, as well as your core Joomla code. Depending on your site and whether any extension customizations are present, this step can take up to several hours. If any extensions used on your site are commercial, you'll need to purchase renewals separately, but we'll advise you if that's the case. (Please note that we will only upgrade within your Joomla version series. For example, Joomla 2.5 to end of life version 2.5.28 and Joomla 3.x to latest current stable version.)
  6. Then we install all of our recommended Joomla site security tools. These include a Joomla firewall, administrative tools to help stop brute force attacks, administrator panel protection, and more.
  7. To ensure the site is ready, we re-scan the site with another full audit to verify no more malicious files are found
  8. Lastly, we completely replace the infected site on your hosting with an updated clean site
  9. If your site has been blacklisted we will help you get the documentation submitted to Google or anti-spammer blacklists to request removal

Don't let "next time" happen to you.

RoyaltyCarePlans Shield cropped smallOnce your site has been cleaned of all malicious code, upgraded, and secured, you are eligible to apply for one of our Joomla Royalty Website Care Plans

Our monthly care plans go way beyond basic maintenance, and every single plan includes our team keeping a careful watch over your site with rigorous, Joomla-specific security audits on a regular basis.

While no one can guarantee you won't be hacked in the future, being enrolled in one of our premium website care plans significantly reduces the risk of future attacks.

Plus, as part of every Royalty Website Care Plan, you are fully covered for the cost of site recovery if something ever does happen while your site is under our care!

We don't just replaced corrupted files - we SECURE your website!

Secure Website Icon

Remember, just restoring yesterday's or last week's backup almost never solves the underlying problem.

If your site has a security risk and you don't fix the root cause, hackers will simply come back and exploit it all over again.

And in many cases, we've seen that a site can be silently compromised for weeks, or even months, before the hackers make use of their hacked backdoor and you realize there is a problem. Restoring a recent backup then only restores the same compromised files and the hackers are still in business.

Help! I'm losing money every moment my site is hacked!

How long does it take to perform the service and how much does it cost?

The number of hours needed for site recovery projects vary significantly. The amount of time required depends on how invasive the hack is, how difficult it is to get access to the site on your current hosting company (some are less cooperative than others), how many extensions are installed that need updating, what customizations you have, etc.

Many hacked site recovery services that charge a flat fee only remove the obvious malicious code, and maybe they will update your Joomla core software. But seldom will they add preventative security tools or upgrade your 3rd party extensions in use on the site.

That's simply not enough to protect your website against future attacks.


Ok, so what does it actually take to do it right?

Hacked site recovery projects are handled only as hourly engagements, under our prepaid Technical Services packages.

Ninety-five percent of hacked sites can be audited, upgraded, secured and cleaned of malicious code under our minimum 12 hour package, many times with hours left over for future work.

Complex sites with large numbers of third party extensions or customizations, or sites with extensively hacked code may take longer.

Therefore you'll need to purchase our minimum Technical Services package of 12 hours (@ $175/hour; $2100 USD).

Time is charged against the account in 15 minute increments until your site is restored.

All hours remaining after the Hacked Site recovery service will remain on your account and never expire until you use them at a future date. 


I'm ready to hire the experts, and get control again of my hacked Joomla site!


Feeling insecure about your website's security?

Whether the unthinkable has already happened, or you're just preparing ahead for the worst, let's chat.

Contact us today to learn more about how we help protect your Joomla website. 

Get in Touch