WordPress Security Expert

Hi, I’m Rafał Gicgier, a dedicated WordPress security specialist and full-stack WordPress developer with over a decade of experience. I build, secure, optimise and rescue WordPress sites for clients around the world. My focus lies especially in securing WordPress websites, performing WordPress malware removal, hardening WordPress installations and ensuring your site runs reliably and safely.



Proven track-record

11+ years working with WordPress, having built 100+ websites and numerous custom plugins.



Dedicated focus on security

I don’t just develop themes or plugins — I specialise in WordPress security audits, secure WordPress configuration, malware removal, and securing site infrastructure against attack.



Full-service approach

From initial security audit and firewall setup, to malware scanning & removal, through to ongoing maintenance, monitoring and guidance in best practices for WordPress security, I cover all stages.

What I Offer

WordPress Security Services

WordPress Security Audit & Hardening

Comprehensive review of your WordPress core, themes, plugins, file permissions, database access and server configuration.
Implementing strong user-role management, secure login setups (2FA, captcha), limiting brute-force attack vectors.
Enforcing SSL/HTTPS, HSTS, Content Security Policy (CSP) and other modern browser-based protections.
Locking down admin and editor areas, securing wp-config.php, disabling dangerous functions, setting up proper file permissions.

SCHEDULE A MEETING

WordPress Malware Removal & Site Rescue

Deep scanning for malware, backdoors, suspicious code, rogue themes/plugins, hidden spam injections, SEO spam, malicious redirects.
Removal of malware and cleaning of hacked WordPress installations; restoring from backup or rebuilding cleanly when needed.
Fixing vulnerabilities that enabled the hack, closing access points, restoring site integrity and trust.
Post-cleanup monitoring and support to ensure no residual threats remain.

SCHEDULE A MEETING

Secure WordPress Configuration & Ongoing Maintenance

Secure setup from scratch: themes, plugins, hosting environment (server/hardening), updating best practices.
Regular maintenance: core/ plugin/ theme updates, security patching, database & file backups, malware monitoring.
Performance & security go hand-in-hand: optimizing site speed while keeping the setup secure and resilient.
Hosting recommendations & migrations to secure, high-performance WordPress hosts.

SCHEDULE A MEETING

Initiate With Problem Identification

The process begins with a clear understanding of the issue: what is happening, when it started, and how it affects your WordPress environment. This ensures that all actions are precise, efficient, and tailored to your system.

Engage With Your Technical Team

When applicable, I collaborate directly with your in-house technicians, hosting provider, or external development team. This allows for a coordinated approach, reduces downtime, and ensures that all relevant parties understand both the problem and the solution.

Conduct a Thorough Investigation

I perform a full diagnostic review of the WordPress installation, file structure, database, server logs, user accounts, integrations, and hosting environment to reveal irregularities, vulnerabilities, or signs of compromise.

Determine the Root Cause

Using the findings from the analysis, I identify the exact source of the issue—whether it’s malware, a vulnerable plugin or theme, misconfiguration, unauthorized access, or a server-side weakness.

Outline a Clear Action Plan

Before any remediation begins, I provide a structured plan detailing required steps, timelines, responsible parties, and expected outcomes. This ensures transparency and alignment across all stakeholders.

Execute Targeted Remediation

I remove malware, backdoors, malicious code injections, infected files, unauthorized users, or problematic configurations. The goal is not just to fix the visible symptoms but to fully eliminate the underlying issue.

Pricing

WordPress Security Pricing

$90/hour

Initiate With Problem Identification
Engage With Your Technical Team
Conduct a Thorough Investigation
Determine the Root Cause
Outline a Clear Action Plan
Execute Targeted Remediation
Implement Comprehensive Security Hardening
Educate Your Team for Future Prevention

SCHEDULE A MEETING

F.A.Q.

Frequently Asked Questions

How do I know if my WordPress site has been hacked?

Common signs include unexpected redirects, unknown admin accounts, slow performance, strange files on the server, or warnings from Google or your hosting provider. If you notice any of these, it’s important to begin a WordPress malware investigation immediately.

How long does WordPress malware removal typically take?

Most simple cases are resolved within a few hours, depending on the severity of the infection and the complexity of your hosting environment. Each cleanup includes full malware removal, backdoor detection, and security hardening. Edge cases are discussed internally.

Will you tell us what caused the infection?

Yes. Identifying the root cause is a crucial part of the process. Whether it’s a vulnerable plugin, outdated theme, weak credentials, or server misconfiguration, you’ll receive a clear explanation of what allowed the breach and how to prevent it in the future.

Can you work with our internal technicians or development team?

Absolutely. I aim to collaborate with in-house teams to ensure a smooth, transparent WordPress security audit and remediation process. Coordinating with your technicians helps speed up the investigation and ensures long-term security alignment.

What does “securing WordPress” actually include?

A complete WordPress security hardening typically involves:

strengthening login and authentication
tightening file permissions
configuring secure hosting settings
updating WordPress core, plugins, and themes
installing monitoring & firewalls
removing unused or risky components
The goal is to minimize attack surface and protect your site from future threats.

Can you guarantee that the site won’t be hacked again?

No security professional can ethically guarantee that. However, with proper secure WordPress configuration, routine maintenance, and safe operational practices, the risk can be reduced dramatically. After cleanup, I provide guidance to help your team maintain a secure workflow.

Ask A Question

Try Me

Let’s hop on a quick call and see how we can make something great happen together. Whether you’re curious, have ideas to share, or just want to connect, I’d love to hear your story and explore what we can create.

Schedule a meeting

What They’re Saying

Customer Testimonials

Whatever the scenario – big-deal complex code, micro-design issues, sketchy legacy code – Rafal just gets it and finds a way through.

Jean

Owner, via Codeable

Rafal is a good communicator, works quickly and efficiently and his work is exemplary… I will most definitely employ him again.

Serge

Owner, via Codeable

I have been working with Rafal many years, always a pleasure, always reliable, always fast – if you need someone, work with him. Clear recommendation.

Timo

Owner, via Codeable

Satisfaction Guaranteed

Certified Codeable Expert Developer

⚡4.95/5
overall rating
⚡229
projects
⚡54
customers

SEE MY CODEABLE PROFILE

2 weeks ongoing maintenance support

If I mess something up, I’ll fix it for free. Don’t be worried about being left alone.

SEE MY REVIEWS

Try Me

Cyber Security: Anonymous Browsing

Cybersecurity Certificate - Hackers Exposed

Cyber Security: Hackers Exposed

Cyber Security – Network Security

SCHEDULE A MEETING

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.

Cookie	Duration	Description
__cf_bm	30 minutes	Cloudflare set the cookie to support Cloudflare Bot Management.
aet-dismiss	never	Disqus sets this cookie for the functionality of the website’s comment system.
badges-message	never	Disqus sets this cookie for the functionality of the website’s comment system.
drafts.queue	never	Disqus sets this cookie for the functionality of the website’s comment system.
submitted_posts_cache	never	Disqus sets this cookie for the functionality of the website’s comment system.

Cookie	Duration	Description
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gh_sess	session	GitHub sets this cookie for temporary application and framework state between pages like what step the user is on in a multiple step form.
brwsr	1 year 1 month 4 days	This cookie is set by the provider Impact Radius. This cookie is used for affiliate marketing.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.

Cookie	Duration	Description
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.
DSID	1 hour	This cookie is set by DoubleClick to note the user's specific user identity. It contains a hashed/encrypted unique ID.
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_octo	1 year	No description available.
cf_clearance	1 year	Description is currently not available.
logged_in	1 year	No description available.
VISITOR_PRIVACY_METADATA	5 months 27 days	Description is currently not available.