Common 403 Forbidden Error or Malware?
-
Hello, and thank you in advance for any help you can provide.
Before getting into my site issue, a note about my WordPress experience level so you know best how to respond. I’m not a coder. I’m quite comfortable working with plugins, some very basic HTML and generally navigating WordPress on the back-end but beyond that, I would need very specific instructions if things get more technical.
Here goes…
After a week of struggling with 403 Forbidden errors, my site was taken down by Bluehost. This is their email to me:This email is regarding last chat with us, seems like you are not able to login to https://josephluther.com/wp-login.php
The issue is with your account have the malware , We apologize for the inconvenience that you have experienced. I have checked your account and currently, it has been suspended by our Terms of Service Department for Malware/Viruses. This means that your account has either been infected or hacked and you will need to clean your account before it may be reactivated.
We have generated malware.txt which has the list of infected files, there can be false positives. You will want to review the files and remove the injected code from important files and/or remove unused or invalid files.
The malware.txt is only an example of the infection. It does not contain a complete list of infected files and may contain some false positives. You will need to go through every single file on the account, 1 by 1, and remove the infection. Please be careful removing any code as it can render your site unusable.
Malware.txt file will be generated in this path cPanel<<FileManager<<Malware.txt .
Once you remove the malware file , we can scan the account again and fix the issue for you soon. Please feel free to contact us if you have any further questions. We are available 24×7.
So, I’m feeling at a loss for what to do next. Going through “every single file one by one” is beyond the time, expertise and energy I have for this right now.
What’s more confusing is that a Google search for 403 Forbidden errors seems to show that it’s a pretty common thing among WP sites and usually is the result of misconfigured plugins. I was prepared to follow the procedures here:
https://www.wpbeginner.com/wp-tutorials/how-to-fix-the-403-forbidden-error-in-wordpress/
Of course, I’m unable to do that now as my site (https://josephluther.com) is no longer available on the front end or back end.
In terms of site security, I’m good at keeping my plugins updated – they’re all on auto-update. And I also have the Jetpack plugin.
One final note, prior to receiving the email from Bluehost, the problem was being unable to login to my site due to the 403 Forbidden error. I chatted with service people on 4 separate occasions. 3 of those times, the Rep seemed to believe it was a plugin issue and worked with me to disable and reactivate plugins, etc. 1 of those times, the Rep immediately tried to get me to purchase a Sitelock plan for $300. Each time, the issue seemed to be resolved but then started again the following day.
I hope that sums it up for you.
Am I dealing with malware or a common 403 Forbidden error that I can resolve without having to completely clean my site or both? Please advise. This site has been nothing but trouble.
I look forward to any guidance you can provide.
– JP
The blog I need help with is: (visible only to logged in users)
-
Hi there,
You are posting in the support forums for the hosting provider, WordPress.com. Your site is connected to your account with us via a plugin called Jetpack, but your site is not hosted on our forums so we have no control over how it works.
If Bluehost took down your site, you need to continue working with them directly to fix the issue and get the site restored.
For help with the open source WordPress software you’re using, you can ask the WordPress.org community at https://wordpress.org/support/forums/
And if the issue is being caused by a specific plugin, please contact support for that plugin directly.
-
- The topic ‘Common 403 Forbidden Error or Malware?’ is closed to new replies.
WordPress.com Forums 