In order to complete our tasks on a client’s site in a thorough and timely manner, we will need to have full access to various aspects of the client’s site, such as: Access to CMS Admin, FTP, Control Panel, etc. Any delay in providing such information may cause delays in delivery.
Malware Removal Service
A single purchase of the Malware Removal Service applies to one site only. For multiple sites, please add the desired quantity into the cart when ordering.
Moving a site after it has been cleaned
Some clients may wish to move their site to different hosting accounts during the warranty period. Please note, that coverage will only apply when a site is transferred to a single hosting account. If a client moves their site to shared hosting and the site becomes re-infected due to this, we will inform the client of the issue in order that they may fix it, but reserve the right to end the service if no action is taken.
What is a “site”?
We define a ‘site’ by:
1) url: http://www.thisisasite.com
3) and by file structure: http://www.thisisasite.com/subsite, or http://www.thisisasite/site2
Sub-directories that contain the files which relate to a main site are included. Directories that contain other sites are not. We judge a site by installation. Clients that are unsure as to if they are covered under one site should contact us before completing their purchase.
If a client’s site is on a shared hosting, with several other sites connected, but only purchase one service for one site, clients should be aware that the other sites are not covered. More importantly, they should be aware that there is a very strong chance of internal and crossover infection, meaning that if the other sites are affected, the cleaned site will most likely become reinfected again.
We will secure the sites that clients have purchased malware removal for, and inform clients of the other sites also infected. If they are, and clients choose not to have the infection removed, we will not be responsible for cross-infection and the removal of malware cause by this situation.
The 24 hours action service guarantee applies to purchases of 1 or 2 websites. Clients who wish to order malware removal for more than 2 sites should be aware that it make take between 1-2 business days to complete the work.
Blacklist Removal Service
It can take Google from between 24 and 48 hours after we have cleared the infection to remove any site warning signs. This time-delay is out of our control. It is the client’s responsibility to contact Bing, Yahoo, AVG, McAfee, Yandex, and any other search engines which may be displaying warning signs.
We notify all clients when their sites are clean within 24 hours, listing any actions we have performed. Status updates are not given until this point, so please do not contact us before then.
Hosting Account Compromise
All clients should be aware that we remove malware from sites only. If the cause of the infection is that a local system (ie a client’s computer) has been compromised by keylogging software which is providing access to the hosting account, it is the client’s responsibility to remove this.
If a client has uninfected backups of the site, we will do our best to restore them. If clients do not have backups, we will attempt to restore the site to a functional and clean state. Clients should be aware that any bespoke customizations may be lost in this process.
Clients who choose to restore an old and possibly infected version of their site AFTER we have secured it will invalidate any coverage we provide. If they require malware removed after this process, they will again need to pay for a new service.
If during the cleanup process we have changed, or asked clients to change their passwords, all passwords should be unique and complex. NEVER reuse an old password.
Clients should leave file permissions the way we have left them after the site cleanup. Any alteration of these may introduce gaps in security, and we reserve the right to cancel our agreement.
In order to clean a client’s site, we will require access such as passwords, FTP access, and admin facilities. We will inform all clients of the levels of access we need. If clients are unable or unwilling to provide this access, we reserve the right to cancel our agreement.
Whilst cleanup is being performed, clients should in no way access, update, modify, or change any aspects of their site. We will inform clients when they may access their sites again. If clients choose to access their sites whilst we are working on them, malware may be re-introduced and the service agreement voided.
Clients should be aware that cheap hosting companies quite often fail to keep their servers secure and updated – an example of this is using outdated versions of PHP. When we have analysed the site, we will notify clients of any potential difficulties regarding hosting, and recommend how they can be fixed. Whilst we will monitor the site for 30 days, if these fixes have not been implemented we are not held liable for future infections.
Quite often, malware infects a site because the core system is out of date. In some cases, particularly with WordPress, it may be possible for us to easily update the system and close the potential hole in security. For other platforms such as Drupal or Joomla, this may not be possible, particularly if clients have bespoke customizations. In these cases, we will contact clients so that they can work with their developers in order to update the core system, or advise the next steps that should be taken. Clients should be aware that if we recommend that a site core needs updating, and it becomes reinfected due to lack of action in regards to the update, the service agreement may be invalidated.
It is the client’s responsibility to organise their own regular site maintenance, as our service does not cover this. Plugins and other aspects of CMS platforms need regularly updating in order to ensure site security.
Further Notes On Our Services
If we discover a client’s site has been previously infected, but currently is not, we will still aim to secure it and make the necessary submissions in order to have it removed from any blacklists.
By purchasing our services , clients agree that they are non-refundable unless mentioned above, and that they implicitly agree with the above terms of service.