Thanks for your advise, all the sites that were hosted on Bluehost were hacked, I will try and post back a few days later.

For real. That seems like good direction.

I have to agree with Mike here.

I mean, think about it, if they didn't take action and DEindex an infected site where it would attack any visitors computer and files, especially a site that gets lots of traffic, imagine how many innocent peoples' computers and files will be infected.

I understand that it is not really fun when it is your own site that gets deindexed, but the good thing is that Google know that this happens without a webmaster's knowledge, so I am sure they will restore your site once you have everything in order.

Again I am sorry that this (hacking) happened to you. It is a horrible act and I hope you get everything sorted out soon.

I second this motion. Its going to be such a markdown on
Google's part if no move will be taken against such incidents.

Though I might say that things might differ in a case to case basis.

Frank Bautista
The MLMBrander

I agree Mike in makes surfing the internet a lot safer.

Have you sent them an email reinclusion request from webmaster tools? The removal is likely temporary, though it may take time to get back to the ranking you once were.

HTH

This can happen on any host. Definitely make sure all of your scripts are up to date.

I know I would.

Oh I know just what that's like and I know what you mean about Bluehost not helping. All my sites hosted with Bluehost were also hacked recently and since I'm not very tech-savvy, I asked several of their support staff for assistance, thinking that someone would be willing to help me instead of leaving trojan files on a shared server. But nooooooooo they had no interest in helping and like OP says, they blamed "3rd party script suppliers". Took me days to find a solution and if I hadn't paid up front for the whole year I would have moved my sites to Hostgator or another responsible host.

I'm not sure how the hack happened, but in case it happens to anyone else at Bluehost, this is what I advise:

1) Keep Wordpress, themes and plugins updated, update as soon as there's a new version available. Keep windows files updated. Update your browsers, pc antivirus (Avast is a good one) and install Malwarebytes Anti-Malware (update this too).

2) Scan your pc with both and run a boot-time scan with your antivirus.

3) Download a backup of your site regularly. Bluehost have a daily, weekly and monthly backup you can download (including your databases) which you can use to restore your site if needed. If you have a copy of your files from before the site was hacked, download some of your files from the server and compare to see if there is any code that shouldn't be there. In my case just downloading the index file of the site showed a long scrambled code added to the beginning of all php files. If this is the case with your site, you can download your files from the server and edit this manually, look for a script to edit it for you on the server, or you can simply restore your files from an earlier backup through your hosting company. It may also be an idea to delete all your web site files in case any malicious files are hiding in there before you restore, but I didn't do this.

4) Do a search on Google for "Wordpress secret keys salt" and insert new secret keys into Wordpress - changing the secret keys will nullify all cookies so the hacker can't access your wordpress admin area with the cookies still on his computer.

5) Change all passwords - email, Wordpress admin, cPanel login, FTP if you created any FTP accounts. Use the password generator supplied by Bluehost.

6) If you know how to check your MySql databases for any unusual activity or administrator rights you didn't assign, you could also do that. I'm a complete newbie when it comes to MySql but I don't seem to have any further problems after cleaning the files so assume no one messed with the databases.

7) Scan your site daily or every couple of days (search Google for Sucuri SiteCheck Free Website Malware Scanner) so that you know as soon as possible if there's a problem with your site and can take action. They also offer a malware cleaning service for sites. Inside your Bluehost account (the first icon under Partners as you log into your cPanel) there's a link that says "SiteLock". This is another paid service to protect and clean your site.

I don't blame Google at all for taking infected sites out of the index. It prevents these hackers from infecting innocent people's computers. Of course the web site owner is innocent too, but Google's not to blame, the hacker is. Google are just protecting more innocent victims.

Hope this little guide can help someone else in the future.

Hahaha love that comment.

Yeah Lim, who cares just start a new one and skyrocket it to #1

On a more serious note, get rid of bluehost, i had the same issue with justhost some time ago, they don't give shit when you're sites get hacked.

Promises? :confused:

What did G promise?

G promised that they would send ya traffic and dough once you have your sites built??

How did ya manage to get G to owe you a living??

Please teach me that and I'll buy WSO now.

Thanks for your replies everyone, I haven't get any positive message yet, but this is how Google Bots took your site as when comes for malware infection.

“Fetch as Googlebot” tool helps to debug hacked sites

It's not that my site was outdate or whatever, is that someone injected a malware files in the root of my hosting (share hosting) and all my "addon domain" got hurt. For this, the webhost should have full responsiblity for it. And they push the blame for who partner the "script" with them, A.K.A. third party.

Yeah in many ways Wordpress is a pain in the neck. You can't put things where you want them without hacking around. You can't add alot of things without using yet another plugin (which gives hackers more entry points) and then theres one that is having effect on the SEO industry

When you do backlink checks and see wordpress sites with anchor text there is ALMOST the automatic assumption that they are network sites. Every body uses the same column to the right and content to the left designs. Sure you can go with more creative designs but ONE of the reasons people don't is because Wordpress strips html from the excerpts and if you choose a theme that leaves that in there and displays excerpts on the home page then its impossible to leave a link on the home page.

Now of course there are workarounds but its such a pain most people just use the themes that you don't need to work around.

People here are so freaking addicted to thinking Wordpress for everything that they even have to have Wordpress FOR A SALES PAGE. ONE PAGE. LOL

then you have to fight to get what you want exactly where you want. Shucks. Adobe Muse can import the images and anything you want exactly where you want by nudging with arrow keys and drag and drop and create you a sales page in no time without knowing ANY HTML or using any CMS.

The first thing most people on WF think about in building a site is not what would really put them on the map and make them different but - can I do that in Wordpress? Is there a plugin for it? IF not they toss the idea. A case of the tail wagging the dog.

It's happened to me several times with HostGator. One time the hackers actually erased EVERYTHING in my account (almost 100,000 files total).

And another time they just inserted malware into a couple of my Wordpress installs.

Hostgator was awesome in helping me through this. They even waived the $15 fee to restore a backup, and then even went on to scan the backup files to make sure they were clean. It was a pain in the butt, but my sites were back online and running smooth in less than 2 hours from the time I discovered the issue.

In these instances, it's not the hosting companies fault. They way I understand it, the virus can end up on your machine, and work it's way into your websites from there, which is no fault of the hosting company whatsoever.

I heard a lot of good stuff about BlueHost, and if I didn't love HostGator so much, that's probably who I'd use.

I'm sorry this happened to you and I know how frustrating and scary it can be. Unfortunately, it's just part of the game. Even the best anti-virus software can't catch everything, as these viruses seem to constantly be changing faster than the virus programs can keep up.

Also, I wanted to add something that I have been doing to protect my income and my sites from this:

I bought two hosting packages and set up my domains and files on both of them, so on my "backup" account the files are just sitting there. If I get hacked and my files are erased on one of the accounts, all I would need to do is go ahead and change the nameservers on the domains and in a short while the sites would all be back up and working off of my other "mirror" hosting account.

I think that the extra $10 a month this costs me is well worth it. Another great idea is to buy a couple of zip drives (the ones that hold a lot of MB), and download your files to those and keep them in a safe place as your backup. If your sites get hacked, you just contact your hosting, have them run a scan on your account to remove any existing malware, and reupload your files to your hosting account via FTP. This option takes a little longer to get your sites back on line, but is equally effective.

And for option 3 you could always just rely on your hosting companies backup. They will usually restore your files for a small fee. However, this isn't the best option because if something happens and their backups are compromised as well, you'd be out of luck altogether.