Frequently Asked Questions

Everything you need to know about the plugin, console, and expert cleanup service.

The Plugin

The SecureWP plugin delivers layered WordPress security from within your installation. It includes site hardening, login protection, two-factor authentication, an application firewall, cloud-powered malware scanning, and vulnerability monitoring. Hardening features are available immediately after installation. Scan and vulnerability features connect to SecureWP's cloud intelligence network and require the plugin to be registered with a license key. Security-intensive analysis runs on our infrastructure rather than your server, so your site performance is never affected regardless of your hosting plan.

Yes. The plugin is available at no cost on WordPress.org. Site hardening, login protection, and two-factor authentication are active immediately after installation with no registration required. Malware scanning, vulnerability monitoring, and firewall rule updates require the plugin to be registered with a license key. A free license is available through your SecureWP account and takes under a minute to activate.

Yes. Malware scanning and vulnerability monitoring draw on SecureWP's cloud intelligence data, which requires the plugin to be registered with a license key. Registration is free, takes under a minute, and does not require the console. Once registered, scans run automatically and receive continuous signature updates from our cloud. You do not need a paid plan to run scans; a free license key is sufficient.

No. File analysis and signature matching run on SecureWP's cloud infrastructure, not your server. The plugin sends file hashes and metadata for remote analysis rather than processing files locally. This architecture eliminates the performance impact that traditional on-server scanners produce, and works without degradation on shared hosting, VPS, or managed WordPress environments.

Many infections are silent for weeks or months. Common indicators include:
  1. Unexpected redirects to unrelated or spam sites.
  2. New or modified content you did not publish, particularly spammy pages or hidden links.
  3. Browser warnings such as "Deceptive site ahead" or "Site may be hacked."
  4. A sudden drop in search traffic or removal from search results.
  5. Unknown admin users or locked-out administrator accounts.
  6. Unexplained performance degradation or elevated CPU usage.
  7. Alerts from your hosting provider or a security scanner reporting infections or blacklisting.
If you observe any of these signs, run a scan through the SecureWP plugin immediately or contact our team via chat.

The Console

The SecureWP Console is a cloud-based management dashboard available at console.securewp.net. It provides centralized visibility across all your connected WordPress sites, including scan history, uptime and SSL monitoring, vulnerability status, security event logs, and alert routing. It is designed for site owners managing multiple properties and agencies operating client site portfolios.

No. The plugin operates as a fully independent security layer with no dependency on the console. The console is an optional management layer that adds multi-site visibility, bulk scan scheduling, Slack and Discord alerts, and team access controls. Your security features are identical whether or not you connect to the console.

After installing the plugin, navigate to the SecureWP section in your WordPress admin dashboard, go to Settings, and connect using your SecureWP account credentials. The connection process takes under a minute and requires no server-level configuration or file editing.

Yes. The console supports configurable team roles, allowing multiple users to monitor and manage sites with appropriate permission levels. This is designed for agency workflows where team members require site access without full administrative control over the account.

Yes. The console is built for multi-site operation. You can connect an unlimited number of WordPress sites, schedule bulk scans, configure per-site alert routing to Slack or Discord, and generate downloadable security reports for client reporting. Volume pricing is available for agencies managing five or more sites. Contact us via chat to discuss your requirements.

Expert Cleanup Service

The Expert Cleanup service is designed for active infections that require manual forensic analysis. If your site has been compromised, blacklisted, or is exhibiting symptoms such as unexpected redirects, injected content, or a suspended hosting account, a dedicated security analyst will be assigned to perform a hands-on investigation and surgical removal of all malicious code.

A named security analyst is assigned within 15 minutes of your order confirmation. Work begins immediately. There is no ticket queue or waiting period. After the initial assignment, you will have direct communication with your analyst through a secure messaging channel throughout the engagement.

Every Expert Cleanup engagement includes:
  1. Full forensic audit of site files and database.
  2. Surgical removal of all malware, backdoors, and persistence mechanisms.
  3. Blacklist removal requests submitted to Google Safe Browsing, Norton, and McAfee.
  4. Site hardening to close the vulnerability that enabled the breach.
  5. Post-cleanup verification and a written summary of findings.
  6. A 1-year reinfection warranty covering follow-up cleanups at no additional charge.

Yes. Once the infection is removed and the site is verified clean, we coordinate with your hosting provider to demonstrate resolution and request account reinstatement. Depending on your host's requirements, we may need temporary access to your hosting control panel to complete the cleanup. Your analyst will walk you through this process.

We handle all infection types, including:
  1. Malicious redirects and traffic hijacking.
  2. Site defacement.
  3. Backdoors and web shells.
  4. Pharma hacks and pill spam.
  5. Japanese keyword and SEO spam injections.
  6. Hidden backlinks and spam link networks.
  7. Phishing and social engineering content.
  8. Cross-site scripting (XSS) payloads and injected malicious links.
  9. DDoS attack mitigation via Cloudflare firewall rule configuration.

After your order is confirmed, you will be redirected to a secure order page within your account. This page provides an encrypted form for submitting the access credentials your analyst requires. You retain full control over these credentials and can update or revoke them at any time from your account dashboard.

Plans and Pricing

Plans determine which features are unlocked and how the plugin connects to SecureWP's cloud services.

  • Free: Hardening, login protection, and two-factor authentication are available without any plan. Register for a free license key to unlock malware scanning and vulnerability monitoring. No console access.
  • Pro ($99/site/year): Everything in Free, plus console access, priority scan scheduling, advanced firewall rules, detailed reporting, and 50% off the Expert Cleanup service.
  • Managed ($250/site/year): Everything in Pro, plus proactive monitoring by our security team and the Expert Cleanup service included at no additional charge.

The Expert Cleanup service is available as a one-time purchase at $99 per site. Pro subscribers receive it at 50% off ($49). The Managed plan includes it at no additional charge for the duration of the subscription. If your site requires a cleanup, your analyst is assigned within 15 minutes of the order.

Yes. Pro plan pricing reduces to $79 per site per year for five or more sites. For larger portfolios or custom arrangements, contact us via chat to discuss an agency agreement.

Warranty and Refund

If your site is reinfected within 12 months of a completed cleanup and the warranty conditions below have been met, we will:

  • Reassess and clean the site at no additional charge.
  • Identify and remove any remaining backdoors or persistence mechanisms related to the original infection.
  • Verify the site is clean and perform follow-up checks to confirm stability.

To maintain warranty coverage, the following requirements must be observed:

  • Follow all remediation and hardening recommendations provided after the cleanup. Do not install nulled or unlicensed themes or plugins.
  • Keep WordPress core, themes, and plugins updated and apply critical security patches promptly.
  • Do not host other unmaintained or insecure sites on the same hosting account or server environment.
  • Do not restore backups that predate the cleanup without consulting us first, as these may reintroduce the original infection.
  • Do not remove or disable security controls applied during the engagement, including WAF rules, server-level protections, or configuration changes, without prior consultation.

Refunds are handled quickly and professionally. To submit a request:

  1. Confirm eligibility. Refunds are considered within 30 days of purchase and only where warranty conditions have been followed. In cases of reinfection, we will typically attempt remediation under the warranty before approving a refund.
  2. Contact support via your account dashboard or email support@securewp.com with your name, order number, affected site URL, a clear reason for the request, and any supporting evidence such as screenshots or error logs.

Once approved, refunds are processed promptly. Funds typically appear within 5 to 10 business days depending on your bank or payment provider.

Refunds will not be issued for issues caused by failure to follow warranty conditions, restoration of infected backups, or incidents outside our scope such as third-party API breaches or host-level infrastructure failures.

Yes. After every cleanup engagement, our team is available to answer questions, review security configurations, and provide guidance on maintaining a secure posture. If you are on a Managed plan, ongoing monitoring continues automatically without any action required on your part.