I’m hosting a number of client websites under my IONOS hosting contract. It’s come to my attention a month ago a few sites have Malware. I used some plugins to remove the Malware, but it just keeps coming back.
I’ve signed up to IONOS’s SiteLock “Scan & Repair” service. Which does daily scans of the sites and removes Malware. This seems to be working for now…
However, I can’t imagine this is a long term solution. I believe there may be a “backdoor” in the sites. Tell me what is my best option here?
What would you do if you were in my position?
I’m happy to spend money to ensure this is resolved long term. But equally don’t want to be spending tones!
I am a website designer and trying to wrap my head around all of this technical stuff so I can provide a quality service to clients. I don’t want Malware to keep cropping up… Any advice would be appreciated.
[ad_2]
Check functions.php of those websites, and in particular the available admins.
Ive seen a code being injected into functions.php or even index.php for that matter (wordpress root) that would inject a user with admin rights or simply allow a shell to be inserted through the website.
WordPress is a terrible product. You need to act asap, because you can either serve malware to the site’s visitors or end up in RBL blacklists due to large email spam. Tell your clients to update or disable their website.
It is a cpanel /plesk (or something similar) then unfortulately one infected website can affect all others in the account. You should look at a different type of hosting solution. Check [ServerAvatar server management](https://www.worthyblog.com/serveravatar-review/) tool. Rent a VPS and make your own hosting without being a techy.
Make sure all your themes and plugins are from a legit source, ie the author or repo.
Check for unknown cron jobs on the server – I had a recurring hack that was reinstalling itself daily via cron
Had a similar issue and signed up with Sucuri server side scanner, and it fixed every issue including the removal of back doors.
After that’s done, GET YOUR FIREWALL SET UP.
Running WordPress without a firewall is just asking to be hacked.
You have to find where the malware got in. Find the responsible plugins or themes and fix the holes. Otherwise they will keep coming back.
If it’s over your head hire someone to teach it to you
Sitelock is not a great solution, IMO. A firewall is going to be your best longterm and proactive solution. Along with the usual keeping all plugins up to date, passwords strong and unique that includes Hosting Control Panel, All WP Admin logins, FTP passwords, Database Password and even email account passwords if hosted on same control panel.