I thought perhaps you’d like to know the names of a couple of the files used convert my sleepy little natural body care site into a phishing site feared and hated by Google, PayPal, BlueHost and phishing-site-cops.  They are easily found on the web, and you can even buy your own version!  I got mine “free”, but at some cost.

The two most dreaded files seem to be: update.paypal, and update.bofa/Unauthorized%20Verification%20Form.htm.  Update.paypal is a deal, at $20.   I guess Hackers have to make a living too, and without them a whole lot of internet security folk would be out of a job.

Other people it seems have had great experiences with BlueHost being helpful after their site was hacked, I’m not feeling the love.  But, so much of “Support” depends on who you get.  I particularly love the admonition to keep my finger always over the “update” button, while being blocked from updating the sites!  Not that the info on how to pro-actively secure a site wasn’t entertaining following a hack.  It seemed a little like being shown proper flossing techniques while getting fitted for dentures.  A bit late, and this is the time for drastic measures, not preventive steps.

Thinking it over, I think I’ll secure my as yet unaffected site, then begin the scorched earth cleaning and rebuilding process.  Here are some useful links for information on securing and/or rebuilding your MySQL / PHP driven site:

My Zen Cart was hacked – now what?

10 Ways To Secure Your WordPress Install

The links below may require a BlueHost account:

Google Flagged My Site as Malware

What can I do to increase my Site Security while hosting with Bluehost?