Fix your hacked website from just £60* Our work is guaranteed. If the hack reoccurs our security experts will fix it for FREE If your hacked website can not be fixed, there is NO CHARGE

Salvage My Site can help if your website:

  • Has been disabled by your webhost due to malware or spam complaints
  • Shows pharmaceutical or porn adverts under your google listing
  • Has been defaced
  • Contains links that you didn't add
  • Your website no longer loads or is full of strange error messages

We deal with websites that experience the above problems every day.  A conversation with us costs you nothing, so if we can't help, then at least you'll be better informed.

Are your visitors being warned that your website has been hacked, contains malware or is engaging in phishing activities?

If any of the following images are familiar, we can help!

Search providers and web browsers show these messages to warn visitors that your site is compromised and may infect their own machines, or cause them financial losses.

*all prices exclude VAT at the prevailing rate

What you can expect from us

  1. Free initial telephone consultation

    We'll discuss your issues and request information to allow us to proceed further.

  2. Investigation

    Our security experts will identify the attacker's entry point and identify malware locations.

  3. Estimate provided

    Based on our investigations, we will provide you with an estimate based on our hourly rate of £60* per hour. In the vast majority of cases our work is completed within 1 hour.

  4. Undertake the necessary action

    We patch the vulnerability that provided access to the attacker and clean your site of malware.

  5. Final Report

    Our report outlines our findings, what we've done to fix your problem, and provides some preventative advice for the future.


We've helped these companies

"Our attempts to fix our hacked site resulted in the same thing a few days later.

Salvage My Site removed the hacked pages, patched the initial hack and secured the site against future attacks. Highly recommended."

Karen HoustonOcean Village

"Salvage My Site solved the problem straight away and advised on changes to prevent the problem recurring.

We have been impressed with their fast response, technical know how and on-going support and would highly recommended them."

Terry WhitmoreHenniker Scientific



If we can't help, you pay nothing

Fix my siteget your free investigation now


Wondering why you've been hacked?

90% of attacks are purely monetery motived, everything is aimed to drive traffic to the attackers illegal money making ventures (generally pharmaceuticals, porn or scams).  The other 10% are hackers perfecting their skills and posting evidence to obtain prestige.

Our Expertise

Our team consists of Systems Administrators (servers) and Software Engineers (programmers) with over 10 years experience in their relative fields.  Additionally we have over 5 years experience investigating and fixing website intrusions (hacks).


We write about website security too

How has my Wordpress website been hacked? written by Simon Stevens

When we talk to people during their initial telephone consultation, we find ourselves frequently asking "is this a Wordpress site?" or "is this built with Wordpress?" and in the majority of cases we guessed correctly.

Wordpress itself is a perfectly capable and secure platform, but the plugins available vary wildly in their quality.  Combine this with a site owner that doesn't religiously upgrade the site, it's plugin, and it's theme (frequently forgotten) and uses naive passwords, you have an ecosystem ripe for attack.

Read more

Plesk Hacked Again written by Simon Stevens

Further to earlier article about Plesk being hacked, despite customers patching their server with the required micro updates it appears that the exploit has returned.

Admin level access is being granted without authentication. The attacker / bot is then free to append code to existing sites on the server using the in-built file manager. There are also suggestions that the in built admin php IP limitation is not sufficient to protect against this meaning that the entire authentication process has been bypassed.

Read more

Read more of our articles