Haval GWM by Thorp - Rebuilding Trust After a Security Breach, and Setting a Standard for the Group

When a dealership website gets hacked, the damage goes beyond the technical. Thousands of spam URLs, a Google manual penalty, and a brand customers couldn't find. We rebuilt it from the ground up - and what we delivered became the design standard for the entire Thorp Motor Group.

The Brief

Haval GWM by Thorp is a premier vehicle dealership in Cape Town, offering new and pre-owned Haval SUVs and GWM bakkies with an industry-leading 10-year warranty. The dealership is part of the broader Thorp Motor Group, which also operates Suzuki, Chery, Isuzu, and Subaru franchises.

Haval GWM by Thorp came to RubyWeb via Ruby Digital following a critical security incident. Their existing website had been compromised by a hack, resulting in thousands of spam URLs being injected across the site and a manual penalty from Google that made the site effectively invisible in search results. The brief was to rebuild from scratch, remove all traces of the compromise, restore search visibility, and set a design standard replicable across the rest of the Thorp group.

The Challenge

A hacked website with a Google manual penalty is not a maintenance problem – it is a credibility crisis. The immediate technical challenge was stripping every trace of the compromise from the codebase and building a clean replacement that could be submitted to Google for manual review and penalty removal.

The longer-term challenge was building something worth replicating. The Thorp Motor Group had four other dealership websites, and this rebuild was scoped to become the design foundation for all of them.

  • Website compromised by a hack - thousands of spam URLs injected, making the site untrustworthy for users and search engines
  • Google manual penalty applied - the site was effectively suppressed in search results
  • No historical analytics or performance data available to inform design decisions
  • New platform needed to serve as the scalable design foundation for four additional Thorp dealership sites
  • Competitive automotive market requiring strong UX, fast performance, and clear conversion paths
  • Trust needed to be rebuilt with both users and search engines from a clean starting point

Our Approach

We treated this as a security recovery and rebuild project, not a standard redevelopment. The priority was removing every trace of the compromise before any design work began – a clean codebase was non-negotiable.

With no historical data to draw on, design decisions were made on user experience principles and automotive industry best practice. The rebuild needed to perform well for users browsing vehicle ranges and making enquiries, and to do so at a standard that could be cloned across the group.

Architecture & UX Decisions

The site was built with a vehicle range browsing experience at its core – intuitive navigation across models, clear specification and warranty information, and accessible enquiry and test drive booking paths.

A flexible, responsive framework was used to ensure the design could be replicated for Suzuki, Chery, Isuzu, and Subaru without structural rework – only brand-specific design elements needing to change per dealership.

The Build

The core deliverable was a fully rebuilt, secure WordPress website – clean of all compromise traces, optimised for user experience and search recovery, and designed as a scalable template for the Thorp Motor Group. Key deliverables included:

  • Complete site rebuild from scratch – all traces of the hack removed
  • Security hardening throughout the new platform to prevent recurrence
  • Google manual penalty recovery process – clean site submitted for review
  • Vehicle range browsing experience with intuitive model navigation
  • Clear calls-to-action for enquiries, test drive bookings, and service appointments
  • Responsive, mobile-first build across all page types
  • Scalable design framework replicable across Suzuki, Chery, Isuzu, and Subaru dealership sites
  • Performance optimisation for fast load times across all device types

The Outcome

The rebuilt site restored trust with users and search engines, laying a clean foundation for traffic and conversion recovery. The Google manual penalty process was initiated with a clean, compliant platform ready for review.

The design and technical framework delivered for Haval GWM by Thorp became the standard for the entire Thorp Motor Group. Four additional dealership websites were subsequently built on the same foundation.

Gallery

Frequently Asked Questions

The first step is stripping the compromise completely - removing all injected code, malicious URLs, and backdoors from the codebase. Once clean, a new build begins on a secure foundation. After launch, Google's manual review process is initiated. There are no shortcuts - the platform has to be genuinely clean for the review to succeed.
Once a clean, compliant site is live and a reconsideration request is submitted, Google typically responds within a few weeks. Traffic recovery then follows as rankings are restored.
Yes - with the right architecture. We built the Haval GWM by Thorp site on a flexible, scalable framework where brand-specific elements can be swapped out per dealership without changing the underlying structure or functionality.
By reducing the steps between interest and contact. Clear model navigation, accessible specification pages, prominent enquiry forms, and test drive booking calls-to-action at every logical point in the browsing journey.
Security hardening is built into the platform from the start - secure authentication, regular plugin updates, file permission controls, malware scanning, and a maintenance plan that keeps the platform current.
Yes, when integrated correctly. WordPress with WooCommerce or a custom vehicle inventory plugin can handle live stock listings, filtering by model or specification, and enquiry routing to the right sales team.