WIX Security Emergency Center
Fast help for sites under attack
Are you under attack?
Our security team is ready 24/7 to guide you through containment and recovery.
DDoS — stop traffic spikes
Brute-force — block suspicious logins
XSS & Injections — remove malicious code
Phishing — takedown fake pages
Compromise — isolate and restore from backups
Third-party risk — audit external scripts

How we proceed

  1. Verify ownership — quick provider verification to confirm you're authorized.
  2. Assess impact — automated checks (uptime, anomalies, blacklists) and hands-on review.
  3. Contain — rate-limit, WAF rules, maintenance mode, or block offending IP ranges.
  4. Remediate — remove injected content, rotate credentials, and patch vulnerabilities.
  5. Recover & monitor — restore clean backups, harden, and continuous monitoring.

Why sites get attacked

Attackers choose targets for many reasons. Understanding why helps prioritize response and remediation.

  • High traffic or visibility — popular sites are more attractive to attackers.
  • Outdated software or known vulnerabilities — unpatched CMS/plugins increase risk.
  • Weak credentials — reused or easily guessed passwords are a common entry point.
  • Third-party integrations — compromised external scripts or services can spread risk.
  • Political or targeted motives — some incidents are deliberate and targeted.

What we check automatically

  • Uptime and error rates
  • Traffic anomalies and rate spikes
  • Known malicious IPs and geolocation patterns
  • Content integrity (unexpected scripts or modifications)
  • Blacklist / reputation checks

Attack timeline & cost overview

Below is a concise, professional overview showing common attack types, the typical duration patterns our systems observe, and the expected cost impact language. Specific costs are calculated per-incident and charged through the site's billing account when mitigation services are engaged.

Attack type Observed duration Impact on availability Cost implication
DDoS Often sustained — can persist until mitigations are applied High — site may be unreachable for end users Mitigation requires continuous traffic scrubbing and infrastructure capacity — engaging emergency protection may be costly.
Brute-force / Credential stuffing Intermittent but recurring until blocked Medium — potential account lockouts and degraded service Cost primarily from investigation, credential resets, and account recovery effort.
SQL Injection / XSS Usually short to medium; may persist if undetected Variable — may affect data integrity and functionality Remediation includes forensic analysis and code fixes; costs reflect investigation and developer time.
Phishing / Brand abuse Can be persistent until takedown actions are executed Low to medium — reputational impact and user risk Takedown and monitoring services incur ongoing fees while threats persist.
Supply-chain / Third-party compromise Variable — depends on third-party remediation Variable — may impact multiple pages or services Costs include incident response coordination and potential replacement of compromised components.

Billing note: If you choose to engage our emergency mitigation services from this panel, applicable charges for assistance and protective services will be billed automatically to the site's Wix billing account in accordance with your agreement. To proceed with emergency protection and avoid further availability impact, please submit your request via the Contact panel. Submitting the request authorizes the charge and initiates the mitigation process.