My website keeps getting same virus

My website keeps getting the same virus.  What happens is that my antivirus or google's Chrome browser will catch it if I go there.  The security says the malware is trying to redirect it to a porn site - myf*pus*.com.

So I deleted all my files in public_html about 2 weeks ago uploaded my files and it's back again!
I talked to the hosting company bluehost.com and they are not sure.  They said possibly my PHP code is out of date.  

I had someone design one of my websites and they used php.  Could the php be out of date perhaps leaving some back doors for some rogue program to get into?

I use frontpage 2002 SP3
It's a bit aggravating....

servent1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

epochassetCommented:
If your on a shared server, you might be getting the virus or code injection by just being there.

Make sure that everything in your site has read only permissions unless it absolutely has to have write.  In this case, anything else on the shared server wouldnt be able to modify your site code just by trolling through directories on the filesystem and modifying files with specific extensions (html, php, etc).

This is the first thing to do in order to prevent further issues.

Next, you need to determine if your developer used any third party CMS (content management system), etc. Look at the files, pick out folder names that look somewhat unique and search for them on google.  If your using something like joomla, your going to want to check for security updates, as your application may have holes.

As always, change all passwords you use to access your site, as your credentials may have been obtained using a variety of means.

These would be the things to start with.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
servent1Author Commented:
Good suggestions.  I changed my file permissions and password.  I won't know until about at least a week if I get infected again.  Thanks for the advice.  
0
astralcomputingCommented:
servent1, your web server has an outdate os or service, and it has a vulnerability. There are worms on the web that search for vulnerable systems, crack the http and inject this code.

It probably has an app on it and probably alot of href silently put on.

Either your hoster has to patch the system or you should get a new hoster.

This is almost certainly the cause.

If you think it is php code, a vulnerability assessment will most likely reveal it. There is a charge for those services.
0
e-wiZzCommented:
I had hosting at same company,and my site was hacked like 5 times,so that is problem 100%
i researched on net,and i saw at couple "hacking" forums a lot of accounts from that hosting provider...so find other one if you want to make secure site
i suggest Applied Security http://www.appliedsec.com/
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.