15 replies
I am currently using Hostgator's service to host my WordPress websites. However, malicious content was found on my server and now they want to use their third-party service, Sitelock, to sell me services to clean the malicious content. I looked at a few sites and the price range looks to be $200 plus for their services. I have not uploaded anything to my server and Hostgator never even contacted me to let me know my hosting was compromised. I have not updated my plugins which I read could be the problem. Moving forward....


After a little research, it looks like the malicious content is coming from a redirect:

1. Some pages on this website redirect visitors to dangerous websites that install malware on visitors' computers, including: rajomarsuport.com.

2. Dangerous websites have been sending visitors to this website, including: tighturl.com, korta.nu, and moourl.com.


Questions:

1. Does it make sense for me to try to clean this myself (I am assuming I have to find the redirect code and delete it)? Can you provide me with resources to learn how to do this?

2. Can I get around this by canceling the hosting, and setting up a new hosting plan with another company?


Thanks
#hostgator #malware #sitelock
  • Profile picture of the author Joe Ray
    Originally Posted by JamesW3


    2. Can I get around this by canceling the hosting, and setting up a new hosting plan with another company?
    You can get around this by not using WordPress!
  • Profile picture of the author 1nspire
    It's a tough situation. Times when my WP sites got hacked I had to simply start over with a new install. The malicious code can hide in numerous files or in your database.

    I find it an interesting coincidence that Hostgator has a product just for this situation.

    Personally for WP sites I have moved to a different host solution. I use Digital Ocean as my host and ServerPilot.io as my managed solution which aids with security and server management.

    These servers do not have a mail server by default so my WordPress sites will never send emails. IMO this is a huge security boost as I bet my server is not on a hacker's list of targets.

    Next I use a little .htaccess file that restricts admin access to only my IP address. I don't use WordPress for memberships or allow logins. For comments I use a third party tool like Disqus or simply FB comments.

    The very best advice I can give when it comes to WordPress: don't use free themes or plugins unless you are 100% confident of the source.
  • Profile picture of the author rmmfree
    The first important thing to do is to change your passwords. Then you can perform a database search and delete posts or comments which include spammer domains (be sure to back it up first!). You can also contact your hosting tech support to look for further advice.
  • Profile picture of the author conceptbr
    For question number 2, yes you can.

    Use A2hosting because they offer PATCHMAN service for free on shared plans. That may clean your malware like Sitelock.
  • Profile picture of the author Hearn
    There are a lot of WP plugins that do daily backups for you, even uploaded directly to Dropbox. Of course this doesn't help you in this situation, but you can do this in the future.
  • Profile picture of the author eminc
    This problem has been there with virtually EVERY WP install. You can have a look at WP Engine which provides some level of security by itself, and also has an option of daily backups which you can restore. Install a firewall plugin too, it will take care of the 404s that other sites have been sending on your website.
  • Profile picture of the author y3h
    Often when my sites get hacked they are running old modules, themes or old WP core...

    UPDATE everything regularly (or don't use WP).

    I've cleaned sites myself, but often this takes forever - and is risky.

    You can install a new WP site, import all your /wp-content stuff and your database, and update all your plugins - however you may just copy the injected code across to the new install.

    I've had instances with Drupal where the injected sh!t has landed in the database and been a nightmare to remove... With a small business website it's often easier to build the client a new site...
  • Profile picture of the author Nauman K
    Originally Posted by JamesW3

    I am currently using Hostgator's service to host my WordPress websites. However, malicious content was found on my server and now they want to use their third-party service, Sitelock, to sell me services to clean the malicious content. I looked at a few sites and the price range looks to be $200 plus for their services. I have not uploaded anything to my server and Hostgator never even contacted me to let me know my hosting was compromised. I have not updated my plugins which I read could be the problem. Moving forward....


    After a little research, it looks like the malicious content is coming from a redirect:

    1. Some pages on this website redirect visitors to dangerous websites that install malware on visitors' computers, including: rajomarsuport.com.

    2. Dangerous websites have been sending visitors to this website, including: tighturl.com, korta.nu, and moourl.com.


    Questions:

    1. Does it make sense for me to try to clean this myself (I am assuming I have to find the redirect code and delete it)? Can you provide me with resources to learn how to do this?

    2. Can I get around this by canceling the hosting, and setting up a new hosting plan with another company?


    Thanks
    This is a very tough situation to be honest, as once your site gets hacked, Google also flags it with malicious content, and removing the flag from Google is a very time-consuming and tough task.
    Anyways, some hosting provides security, but taking backups is the best option in such situations. If you have the backup, then you would have to delete all the files first and replace them with the clean files.
    If Google has also flagged your site, then after uploading the clean files, you would have to submit a request for the review, which will take 24 hours to review and remove the flag.
  • Profile picture of the author omerbsh
    Hey,

    First of all, it was probably hacked through one of your WordPress plugins.
    You have to upgrade and check whether there are any suspicious or out-of-date plugins.

    Next step:

    Clean your WordPress installation by downloading and extracting a new installation.

    Step three:
    Install this plugin:
    https://wordpress.org/plugins/lockdown-wp-admin/

    It will lock your website administration so hackers cannot find it and brute-force the admin panel.

    If you can, ask your server administrator to scan your site for exploits.

    I hope my tips will help you.
  • Profile picture of the author HCDdaking
    If you switch to another hosting service provider, you need to upload that content again and the virus will again affect your data. Make sure you and your editors do not use any cracked versions of software. And you had better keep contacting Hostgator to report your problem.
  • Profile picture of the author riztechpro
    Always take a backup of your site. No matter how much your site is protected, it always gets issues so if you have a backup, then you don't have to worry.
  • Profile picture of the author yukon
    Banned
    All you have to do is download the WordPress MySQL database from phpMyAdmin inside the Hostgator cPanel.

    Next use FileZilla to download any self-hosted images.

    Delete the WP install and anything else inside the www folder on the Hostgator account that you don't want/need.

    Next do a clean WordPress install with a better admin password.

    Trust me, the hacked site wasn't a result of the host, it was OP and weak password/s. The hacker probably did a simple weak password dictionary attack on the admin login which should show up in the host server logs (cPanel).

    Running from one host to the next doesn't solve your problem.
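The login-guessing pattern described in the post above can be checked in an access log. This is an added example, not code from any poster in this thread; the log lines are constructed, and `login_attempts` and its threshold are names chosen for the illustration. It assumes a stock WordPress login form answers a wrong password with HTTP 200 and a correct one with a 302 redirect.

```python
import re
from collections import defaultdict

# Constructed sample in Apache combined log format (IPs from documentation ranges).
_FMT = '{ip} - - [12/May/2016:03:14:{s:02d} +0000] "{req} HTTP/1.1" {code} 3312 "-" "Mozilla/5.0"'
SAMPLE_LOG = "\n".join(
    [_FMT.format(ip="203.0.113.9", s=s, req="POST /wp-login.php", code=200) for s in range(6)]
    + [_FMT.format(ip="203.0.113.9", s=7, req="POST /wp-login.php", code=302),
       _FMT.format(ip="203.0.113.9", s=8, req="GET /wp-admin/", code=200),
       _FMT.format(ip="198.51.100.20", s=20, req="POST /wp-login.php", code=200),
       _FMT.format(ip="198.51.100.20", s=31, req="POST /wp-login.php", code=302),
       _FMT.format(ip="192.0.2.44", s=40, req="GET /wp-login.php", code=200)]
)

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def login_attempts(log_text, threshold=5):
    """Return {ip: counts} for clients with at least `threshold` failed logins.

    Assumption: a stock WordPress login form answers a wrong password with
    HTTP 200 (form shown again) and a correct one with a 302 redirect.
    """
    stats = defaultdict(lambda: {"failed": 0, "succeeded": 0})
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ip, method, path, status = m.groups()
        if method != "POST" or path.split("?")[0] != "/wp-login.php":
            continue
        if status == "200":
            stats[ip]["failed"] += 1
        elif status == "302":
            stats[ip]["succeeded"] += 1
    return {ip: dict(s, guessed_then_logged_in=s["succeeded"] > 0)
            for ip, s in stats.items() if s["failed"] >= threshold}

if __name__ == "__main__":
    for ip, summary in login_attempts(SAMPLE_LOG).items():
        print(ip, summary)
```

A client that appears here with `guessed_then_logged_in` set is the case to treat as a password compromise; a single failure followed by a success, as from 198.51.100.20 in the sample, stays below the threshold.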
  • Profile picture of the author starkintern
    Originally Posted by JamesW3

    I am currently using Hostgator's service to host my WordPress websites. However, malicious content was found on my server and now they want to use their third-party service, Sitelock, to sell me services to clean the malicious content. I looked at a few sites and the price range looks to be $200 plus for their services. I have not uploaded anything to my server and Hostgator never even contacted me to let me know my hosting was compromised. I have not updated my plugins which I read could be the problem. Moving forward....
    You see, WordPress sites are a bit like Honda Civics; everyone has one, and therefore every enterprising car thief worth a damn knows how to break into it.

    You can change your passwords, keep your plugins updated, and do whatever you want with your website--but it's still a WordPress site. In fact, this is a bit like adding an aftermarket security system to your Civic--it's still fundamentally a Honda Civic, a profitable and easy target for car thieves.

    A bespoke solution sitting behind a more secure and less widely known platform--while it won't stop someone who's out for blood--is at least enough of a hassle to make them consider going after an easier target instead.
  • Profile picture of the author ijohnson
    I have a sneaky suspicion that the malware we are encountering on our sites that are hosted by HostGator is being planted by Sitelock to extort or scam money out of their customers!

    Over the past 10 years that I have used HostGator, I have never encountered the number of so called "hacked" sites like I've encountered over the past 12 months. I feel strongly that all of this "malware" has been planted by SiteLock. I am so tired of the games -- it is ridiculous!!!!

    Does anyone know how to find and clean/delete any scripts on your sites that are redirecting your site to a phishing site? I cannot afford to pay another party to clean all my sites again. Any help will be greatly appreciated.
    Signature
    Make every day count!
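For the question asked in this thread about finding the redirect code: an added example (not from any poster) that walks a downloaded copy of a site and flags obfuscated `eval` calls, redirects to hosts other than your own, and mentions of a domain already reported, such as the rajomarsuport.com named in the first post. The patterns, `scan_tree`, the `example.com` own-host and the sample files are assumptions constructed for the illustration; a `.sql` database export is scanned the same way.

```python
import re
import tempfile
from pathlib import Path

# Heuristic patterns chosen for this example; not an exhaustive malware signature set.
OBFUSCATED = re.compile(r"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\(", re.I)
REDIRECT = re.compile(
    r"(?:header\s*\(\s*['\"]Location:\s*"                     # PHP header() redirect
    r"|(?:window|document)\.location(?:\.href)?\s*=\s*['\"]"  # JavaScript redirect
    r"|Rewrite(?:Rule|Cond)\b.*?)"                            # .htaccess rewrite
    r"https?://([a-z0-9.-]+)", re.I)
SUFFIXES = {".php", ".js", ".html", ".sql"}  # .sql covers an exported database dump

def scan_tree(root, own_hosts=(), known_bad=()):
    """Return sorted (relative_path, line_no, reason) tuples for suspicious lines."""
    root, findings = Path(root), []
    own = {h.lower() for h in own_hosts}
    for path in root.rglob("*"):
        if not path.is_file() or (path.suffix.lower() not in SUFFIXES and path.name != ".htaccess"):
            continue
        rel = path.relative_to(root).as_posix()
        for no, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
            if OBFUSCATED.search(line):
                findings.append((rel, no, "obfuscated-eval"))
            hosts = {m.group(1).lower() for m in REDIRECT.finditer(line)}
            findings += [(rel, no, "redirect:" + h) for h in sorted(hosts - own)]
            for bad in known_bad:  # plain mention, e.g. a spam link stored in a post
                if bad.lower() in line.lower() and bad.lower() not in hosts:
                    findings.append((rel, no, "mentions:" + bad.lower()))
    return sorted(findings)

def demo():
    """Build a small constructed site tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp)
        (site / "wp-content/themes/x").mkdir(parents=True)
        (site / ".htaccess").write_text(
            "RewriteEngine On\nRewriteRule ^(.*)$ http://rajomarsuport.com/ [R=302,L]\n")
        (site / "wp-content/themes/x/functions.php").write_text(
            "<?php\nadd_action('init', 'x_setup');\neval(base64_decode('ZWNobyAxOw=='));\n")
        (site / "wp-content/themes/x/header.php").write_text(
            "<?php header('Location: https://example.com/home');\n")
        (site / "dump.sql").write_text(
            "INSERT INTO wp_posts VALUES (1,'<a href=\"http://rajomarsuport.com/x\">hi</a>');\n")
        return scan_tree(site, own_hosts=["example.com"], known_bad=["rajomarsuport.com"])

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Each finding is a line to read by hand, not proof of infection: legitimate plugins also issue redirects, which is why hosts listed in `own_hosts` are skipped.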