Bluehost have deactivated site due to malware/virus

astrew
(@astrew)

7 years, 11 months ago

Hello, I am hoping to ask @leejosepho for his advice as I have come across a blog post 8 months ago whereby you gave someone some great advice avoiding paying $300 to a Security company to “fix” the site. I have not been given a breakdown of which pages are infected, I have only spoken to a security firm who have offered a one off $300 fee for cleaning of a $129/month fee for ongoing cleaning/security.

My site is a photography portfolio and at the moment I am not working as on maternity leave and trying desperately to resolve this myself. What I am hoping to find is help doing the back end stuff on WordPress – do you or anyone know who might be able to do this for me or walk me through the process and charge me a nominal fee of course.

Going forward, I have noted the ninjafirewall/bulletproof security and word fence security that you mentioned in your post and have seen this plug-in on wordpress: Anti-Malware Security and Brute-Force Firewall.

Thank you to anyone who can help.

Viewing 8 replies - 1 through 8 (of 8 total)

Nebu John Thaliyath
(@nejwrks)

7 years, 11 months ago

Happy to help you. Did you tried WordFence and what was the result?

Thread Starter astrew
(@astrew)

7 years, 11 months ago

Not yet, I need to get my site cleaned and reactivated before I can figure out the security I will use in the future.

Nebu John Thaliyath
(@nejwrks)

7 years, 11 months ago

Ok. Have they given you the location or the URL creating the problem?

Thread Starter astrew
(@astrew)

7 years, 11 months ago

No, I have rung twice but been redirected straight to Security companies that can “sort” the problem. Would that help, having the URL creating the malware/virus?

Nebu John Thaliyath
(@nejwrks)

7 years, 11 months ago

Usually they will provide the file location which are affected by malware.
Please take the back up of the current files and re-install your WordPress, themes and plugins. This should solve your problem.

leejosepho
(@leejosepho)

7 years, 11 months ago

Please take the back up of the current files and re-install your WordPress, themes and plugins.

Keep only your database (already in place there on the server), your /wp-content/uploads/ folder and any *customized* theme or child theme in /wp-content/themes/, but delete everything else other than wp-config.php and then use only fresh downloads to re-build your installation. Any help available from anyone here at the forums can happen only right here at these forums, and you are welcomed to post as many questions as necessary while rebuilding your installation.

randyrodriguez
(@randyrodriguez)

7 years, 11 months ago

Hey, I’d love to help however I can. Bluehost can provide you with a malware txt file. Does that sound familiar? With my experience they would give a listing of the infected files on your account.

Mark Ratledge
(@songdogtech)

7 years, 11 months ago

@astrew said:

and charge me a nominal fee of course….

These forums are not for soliciting people to work for you. If you can’t do the work yourself, consider looking for a reputable person on http://jobs.wordpress.net/ or http://directory.codepoet.com or http://upwork.com

The only way to be sure you have cleaned a hack is to carefully follow FAQ My site was hacked – WordPress Codex. Then take a look at the recommended security measures in Hardening WordPress – WordPress Codex and Brute Force Attacks – WordPress Codex

@randyrodriguez and @Nebu: a text file of infected files is only a place to start to fix a hack, not simply a list of files to remove that wil fix the site.

@randyrodriguez: these forums are not for soliciting employment.

This topic has been closed as per the Forum Rules – Offering to Pay