Our church web site just presents information and allows downloading recordings of talks/classes. We don't sell anything, etc. We don't require login. We have no scripts, etc.
We use the hosting service, Bluehost.
Google alerted us that we had malware. We removed it and changed to a 10 character complex password and it keeps coming back. We have checked for added "chron jobs" and there are none.
Bluehost isn't much help. Is there a hosting service that will provide adequate security? We know there are third party security services like sucuri.net but the hosting service should provide some security. A quick search indicates that none of them seem to make any strong effort on security.
Also, any guidance on third party security services would be welcome.
Thanks.
Gar
What sort of malware was detected. If it was an exploit of php then shutting down php would resolve the issue but would disable any dynamic pages you have using php.
There are also 3rd party solutions like McAfee that will scan your site for vulnerabilities but that won't help much if your host can't or won't fix them.