r/techsupport Aug 18 '22

Website keeps getting infected with maleware Closed

Earlier this year one of the websites i made for a friend got infected with malware. The site redirected to other suspicious websites if you clicked on any links. I have cleaned the site from malware a few times and made a fresh wordpress install but nothing worked. It's always coming back and the hosting provider takes down the website. I honestly don't know what to do anymore. The malware probably came on to the site as a theme I have installed wasn't up to date. I contancted the support of the theme and they said they fixed it for me. This was 2 months ago, at first everything seemed to be good but now it came back again. Do you have any suggestions on what I could try to fix this? Thanks!

13 Upvotes

View all comments

3

u/[deleted] Aug 18 '22

What they said. Nobody mentioned checking the DNS records. One of the first steps & easiest ways to maintain persistence over a domain.

Wordpress is inherently insecure. Ditch that nonsensical headache asap.

1

u/jonrick_ Aug 18 '22

What would you recommend instead?

5

u/[deleted] Aug 18 '22

I’m not big into paying for CMS, but they have many upsides for the tech-illiterate userbase. Drupal was a go to for a decade, but many FOSS alternatives exist now.

If it’s a business or you’re handling sensitive info then it’s often worth using the simple UI of Squarespace without major worry about security, compliance & governance. Wix shouldn’t be used, it’s data collection and other policies are awful and their infrastructure is crap in contrast.

Edit: here’s that link https://www.makeuseof.com/open-source-wordpress-alternatives/