Solved

Malware Problem on Web Site

Posted on 2013-01-03
6
394 Views
Last Modified: 2013-01-03
Our church web site just presents information and allows downloading recordings of talks/classes.  We don't sell anything, etc.  We don't require login.  We have no scripts, etc.

We use the hosting service, Bluehost.

Google alerted us that we had malware.  We removed it and changed to a 10 character complex password and it keeps coming back.  We have checked for added "chron jobs" and there are none.

Bluehost isn't much help.  Is there a hosting service that will provide adequate security?  We know there are third party security services like sucuri.net but the hosting service should provide some security.  A quick search indicates that none of them seem to make any strong effort on security.

Also, any guidance on third party security services would be welcome.

Thanks.

Gar
0
Comment
Question by:garcpr
  • 3
  • 2
6 Comments
 
LVL 29

Expert Comment

by:Randy Downs
ID: 38740742
There are plenty of hosts like Rackspace that provide much better security but it comes at a cost. Where Bluehost is very reasonably priced they don't offer much in support.

What sort of malware was detected. If it was an exploit of php then shutting down php would resolve the issue but would disable any dynamic pages you have using php.

There are also 3rd party solutions like McAfee that will scan your site for vulnerabilities but that won't help much if your host can't or won't fix them.
0
 

Author Comment

by:garcpr
ID: 38741115
At this point, I'm not sure about the kind of malware (I'm a retired engineer, not an IT person).  And it now appears that our current problem is getting Google to remove a blacklist on our site.  I looked at our code on Bluehost and I don't see any malware lines.  I was going to send you an example (would that have been a problem?).  It involved something about "ifiles".  We don't have any dynamic pages.

Thanks for recommending Rackspace.  Could you suggest a couple more similar services so we can compare them?
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 38741116
@garcpr,

I would recommend you to scan your website by going to below link. This would scan your website and let you know the probable cause of why it has been listed with Google and also what pages contains the scripts which you would need to remove.

Further you would need to make sure that you website it updated if you are using the older version of wordpress or some old modules of wordpress which are vulnerable.

Link to scan the website:

http://www.sucuri.net/

Sudeep
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 29

Expert Comment

by:Randy Downs
ID: 38741919
If you don't have active pages then you probably have some scripts that are causing the problem. Look at your .js files.

Additionally you may have pages & folders that were added to your site.
0
 
LVL 29

Accepted Solution

by:
Randy Downs earned 500 total points
ID: 38741955
0
 

Author Closing Comment

by:garcpr
ID: 38742430
Thanks for your help.

Thanks to Sudeep also for his suggestions.

I checked again and we don't have any scripts or .js files.  There are a few small php files.  I think they are Bluehost files.

Our site is, as I described it, very simple.  It is "small", it's scope and functionality are quite narrow compared to commercial sites, etc.

Gar
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Symantec enterprise client 5 34
Virus Kronos 4 69
iOS and Managed domains 2 59
How do you remove all folder and file permissions? 11 73
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now