How To Remove Malware From Bluehost Website?


Can you help? Has anyone had issues with BLUEHOST lately? Both of my sites were spammed. One site hasn’t even been launched, I was working on it. I have spent hours with them on the phone. A supervisor is looking into it but since March, I have 600 file malware attacks. OMG. I have UpdraftPlus WordPress Backup Plugin, SUCURI Security Plugin and WORDFENCE Security Plugin Activated. Should I have more?

I had SiteGround WordPress Hosting a few years ago and checked this year, but I found their prices were outrageous. I saw other people complaining about that as well. Maybe paying for premium security would make a difference and it still would be less than SITEGROUND.

Could be the WordPress Updates… or plugins but I only use those plugins recommended for WP. IMHO…I did have Social Warfare on of which had warnings of breeches and it was suggested to remove it. I did but maybe too late. Who is the blame does not matter at this point. The issue needs to be fixed and BlueHost is cooperating.

Thank you

solved 0
aliakkas38 1 month 1 Answer 0

Answer ( 1 )

  1. Could be different reasons. It really depends on your setup and the type of hosting and security you have. It seems you have WordPress plugins but do you have anything securing the underlying hosting account? Do you have a WAF? I work in cyber security and systems administration and have been doing so for the last 5 yrs. At the very least I would recommend doing a site check scan. It’s free.

    First action seems to be to blame the host. If you have that many security plugins running I’m guessing you are new at this. Until you figure out how the malware is getting in, you will probably get hacked on another host too. Usually it’s a plugin or theme. Frequently one downloaded for free from the Internet (and not from the WordPress repository), often one being given out free or cheap that would otherwise cost money if downloaded from the author’s site. Not always, of course. Or it could be it got hacked because there was a security hole and it wasn’t updated.

    A large number of people who don’t build sites professionally (and sometimes those that do) get hacked. The hosting account itself is one way for them to get in.Sites being “spammed” can mean anything from a bunch of bad comments with “spam” links to pages or files being compromised. (spam is actually junk messages and isn’t the same as malware)

    Has the site been maintained continuously since before the attack? There are a number of legitimate plugins that have vulnerabilities patched over the past few months. Unupdated software is the most common way to get hacked. Presumably BlueHost has instructed you to change all of your credentials as they relate to the site.

    Siteground has become way over price and there are many more that are reasonable. Go to InMotion Hosting. They will migrate it for you. best decision I ever made was to get off of BlueHost. When your business gets serious, you need to find a better host.

    Best answer

Leave an answer

Captcha Click on image to update the captcha .