Scan
We examine files, the database, user accounts and server logs to map the full infection — not just the visible symptoms.
You receiveA findings summary: what's infected, and how it likely got in.
We scan the site, tell you exactly what we found, and give you a fixed quote before any work starts. Then we remove the infection, close the way it got in, and show you the evidence that it's gone.
The scan is free and tells you either way. You approve the quote before anything is touched.
Malware rarely announces itself. These are the signs we see most often — tick anything you've noticed.
Tick anything you've noticed. One sign is enough to be worth checking.
Request the free scanEach step produces something you can read. You approve the quote before any work begins.
We examine files, the database, user accounts and server logs to map the full infection — not just the visible symptoms.
You receiveA findings summary: what's infected, and how it likely got in.
Based on the scan, we quote the cleanup as a fixed one-time price. No work starts, and nothing changes on the site, until you approve it.
You receiveA fixed written quote for the whole job.
We back up the site first, then remove the malicious code, reinstall core from clean copies, remove rogue accounts and rotate every credential and key.
You receiveProgress notes as the work happens — what we found, what we did.
We close the entry point, re-scan until the site comes back clear, and request removal of any browser or search warnings.
You receiveA cleanup report showing the site scans clean.
How long each step takes depends on the infection — the scan tells us, and the quote tells you, before anything is committed.
Every quoted cleanup covers the full job below. If the scan shows your case needs less, the quote reflects that.
✓Removal of malicious code from files and database
✓WordPress core reinstalled from verified clean copies
✓Identification and closure of the entry point
✓Removal of rogue admin accounts and backdoors
✓Rotation of passwords, security keys and salts
✓Full site backup taken before any changes
✓Review requests for Google Safe Browsing and blocklist warnings
✓A written cleanup report with the final clean scan
Infections vary too much for one honest fixed price. So the scan is free, and the quote is fixed before work begins.
One-time cleanup
A fixed quote based on what the free scan finds. The price you approve is the price you pay, whatever the cleanup turns out to involve.
Fixed quote
+VAT · after a free scan · one-time
Request a free scanAfterwards
Cleanup fixes what happened. A care plan is what stops it happening again — every plan includes malware scanning, a firewall and virtual patching that blocks disclosed vulnerabilities the same day. Plans start at £25 +VAT per month, per site.
From £25
+VAT /mo · per site · rolling monthly
See care plansWe don't ask you to take "it's fixed" on trust. The cleanup ends with evidence.
Every job ends with a plain-English report. This is the kind of thing it says.
✓Malicious code removed from 14 files. Core reinstalled from clean copies; your content and settings were untouched.
✓Entry point: a disclosed vulnerability in your form plugin. Virtual patching blocked it the same day; the plugin has since been updated.
✓0 known vulnerabilities. Last scan today. Backup verified and restorable.
✓Google Safe Browsing review requested; the warning has been cleared.
This is a sample showing the format and level of detail. Your report describes your site.
Every WPCare plan includes the protections that make a repeat unlikely — and a monthly report showing they're working.