We have used Bluehost as an example here because this is the host we see this happen often but there are other hosts that will do the same. While it may not seem fair, the reason behind it is to protect the other sites on the server that are sharing space with the site that is infected. If the infection is not dealt with it can spread like a nasty cold to all sites on the sever.
The steps one might take next to get their site back online are below and the easiest and fastest way to do so. In order to accomplish these steps you must have basic knowledge of using an FTP client. If you want to skip all this and have us do it. Please visit our WordPress Infection and Malware Removal service at THIS LINK.
STEP #1 – START FRESH
In order to get Bluehost to re-activate your account, they have to scan it to make sure one has removed all the infectious files. Now in the past, they would provide a list of the files that are malicious which one could then audit to replace or remove. They do not provide such a list anymore and make it the customer’s responsibility to find them. So the fastest way to have them scan your account and find it clean is to start fresh. Below is exactly how you would do this.
- Connect to the site using FTP
- Backup the complete folder called wp-content to your computer
- Backup files .htaccess and wp-config.php (found in root of install)
- Backup and other files you need but are un-related to WordPress
- Once backups are completed, remove all folders and files
- Download a fresh version of WordPress from THIS LINK
- Upload .htaccess and wp-config.php to root of WP install
Now this will leave one with a complete fresh install of WordPress. There will be no infected files present unless the .htaccess and wp-config.php file have malicious code in them. At this point one can ask Bluehost to re-activate the account and then we can go on to the next steps of getting the actual site restored and ready for clean up.
WE CAN REMOVE YOUR INFECTION RIGHT NOW!!!
This very detailed service will make sure your WordPress site is fully cleaned and secured to prevent future infections. We will start cleaning right away.
STEP #2 – RESTORE SITE
So while the host has scanned your account, found it clean and then turned it back on, you still can not load your website. The reason it that we removed the files the site needs to load in step #1. Let’s get those files back where they belong. Follow the steps below to restore your site.
- Connect to the site using FTP
- Upload the folder you backed up called wp-content to the root of your WP install
Once you complete this step, one’s site should load fine unless there are other issues with perhaps plugin or theme conflicts.
STEP #3 – SCAN & CLEAN
In the last step we restored the site with the backed up files but these files might have infections in them. We need to make sure they are clean. This step can be executed several different ways. Our favorite free online scanner is the FREE WordPress Infection Scanner Plugin plugin. Check it out at THIS LINK. Once one completes a full infection scan, it will tell if there are any infectious files left inside the wp-content folder. Based of the scan results, these files found should be replaced or removed.
Now that is it as far as making sure you meet the approval process of Bluehost keeping your account active but you still need to make sure you secure it from future attacks. Take a look at WordPress Security the Easy Way. So while Bluehost Deactivated a site because of an infection, the 3 easy steps above will get you active again quickly.