Malware scanning and removal is a part of our Security Guarantee.

Malware Removal Process

The process of inspecting a site, scanning it for issues, and removing infections may take up to one full business day to complete. Particularly pervasive infections may require multiple rounds of inspection. In some rare cases, where a site has been corrupted beyond repair, it may be necessary to restore the site using a backup.

Removing malware often produces site-breaking results as infected plugins and themes are removed. As a result, we recommend using a plugin to place the site into maintenance mode during the malware removal process.

If you encounter evidence of malicious code or site behavior, contact or open up a support ticket with our Malware & Abuse team in MyKinsta.

Steps Taken By Kinsta

There are a few mandatory steps in our malware removal process which will be completed by our Malware & Abuse team for every repaired site:

Steps You Will Need to Take

Following the completion of malware removal, we will ask you to take several additional steps to secure your site:

These steps should be taken within one business day after we request that they be taken. Failure to take these additional steps will mean that our Malware & Abuse team will be unable to remove future infections for free.

Scanning Additional Sites

Having one of your sites infected with malware can lead to concerns about possible infection of your other sites. However, because Kinsta uses a container-based hosting infrastructure, cross-contamination between sites at the server level is not possible.

This means that if there is no specific evidence that additional sites have been compromised, then there’s no reason to think they have been infected.

Inspection of sites to identify possible infections is limited to sites that exhibit specific evidence of infection. In the absence of specific evidence, we would recommend that you use a site-scanning service or plugin such as Sucuri Security to confirm that the rest of your sites have not been infected.

Infections Discovered During Migration

A deep scan of all site files is a standard step in our migration process. If we determine that your site is infected during a migration, we will pause the migration and report the issue to you. At that time, you will be provided two options:

  1. Proceed with the migration, have Kinsta remove the infection, and a $100 malware removal fee will apply.
  2. Cancel the migration, work with a third party to repair the hacked site in the prior hosting environment or repair it yourself, and then reschedule the migration.