How To Remove Malware From Bluehost Hosting in 2023

Many of our customers have their Bluehost hosting accounts compromised with malware and most times it’s not a hosting-related issue, but more of a website security problem.

MAGEFIX SecurityMalware cleanup & protection

Try our Free site check.

Here is how we review each Bluehost account suspected of malware contamination:

  • We start by making a list with all the currently active sites hosted on the account. If we notice more than two websites, we have a cross-site contamination situation, where sites infect each other; and
  • Second, we check the FTP accounts, SSH access, Cron jobs, email accounts, and the cPanel contact email address – often changed with anonymous fox attacks;

If we got the green light from the customer to proceed with a cleanup, we immediately:

  • Disable public access & replace the homepage with a static temporary HTML page – this will buy us time to secure data & perform backups;
  • Manually review each site component, including core files, plugins & themes – we may find if one of the plugins has a security vulnerability; and
  • Perform a thorough cleanup, update all the components & make the website live again;

Lastly, after we make sure the website is live again & fully working, we move on to the next phase:

  • We perform a blacklist check and make sure the domain is not blacklisted by Google, McAfee, or any other security monitor;
  • In case the domain is blacklisted, we address each blacklist as a separate case and we follow it until the blacklist is cleared;
  • Google may disapprove the ads for malicious software – this is also addressed as a separate case;

Important notes:

  • If two or more sites are affected by malware, we recommend each customer get better hosting, to isolate each website – this will address the cross-site contamination. Hosting companies we often recommend, which provide reseller hosting plans for multiple sites are CrocWeb, HawkHost & Stablehost. For busy sites, we recommend Knownhost-managed VPS.
  • Disable public access for any development & test sites – these eventually become outdated & cause security issues.
  • If email privacy is important, switch email accounts to a separate email hosting provider, such as Google Workplace, Fastmail and ProtonMail.
  • Use strong passwords: Use strong and unique passwords for your cPanel account, FTP accounts, and email accounts. Avoid using common passwords.

By following these steps, you can significantly improve the security of your Bluehost hosting account.