Wordpress site with BlueHost

I have a customer that has a WordPress site hosted on BlueHost but everytime you bring it up, it says this file or that is infected with a virus.  How do I go about cleaning this up?  I do have admin rights to the site now.
Daren Anderson, MSISPresidentAsked:
Who is Participating?
Jason C. LevineConnect With a Mentor No oneCommented:
There's a bunch of different things you need to do.

1) You need to determine what file or files are infected.  

Before any fix, you have to figure out how the virus is being spread.  Usually one or more wordpress core or theme files get modified via a shell exploit to serve up malware but an attacker can also insert code into the database if s/he figures out how to do that.  So step one is examining all theme files, core files, and content entries looking for the bad code.  http://sitecheck.sucuri.net/scanner/ can help with this

2) You need to harden WordPress

First, make sure all plugins and themes and WordPress itself are patched and at the latest versions.  Then, harden your installation by following suggestions laid out here:


3) You need to determine how you were compromised

There are three broad vectors of attack against a site:  

a) A poorly coded theme or plugin is exploited
b) Poor passwords on the hosting account get brute-forced
c) The ISP is not serious about security and gets hacked and users gain root control over servers

You figure out a) and b) via a little research but if the problem ends up being c) then move to new hosting.
Older plugins using timthumb.php have been a big cause of recent exploits.

I had a problem with a site that kept injecting buy Viagra links and I couldn't figure it out no matter how hard I looked.  In the end it was just easier for me to export the posts, delete the database, re install WordPress and import the posts.

But marked as infected with a virus is a little more serious than my spam links.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.