I have multiple wordpress sites stored on my server and they keep getting hacked (about 7 times in the space of about 3 weeks).
I keep replacing the malicious files that the hosting company tells me about by downloading them, deleting the malicious code and then re-uploading the files and all is fine.... then they get hacked again.
By 'hacked' I mean that they are forwarding to apparent malware sites.
I have all the latest wordpress software installed on each so it's not that that is causing the problem, and I have changed my FTP passwords multiple times during the attacks and the passwords for the wp-admin on each site, so that's not the problem either.
Any ideas how I can prevent this from continuing to happen?
Here are links to the sites in question if it helps: