https://sitecheck.sucuri.net tells me there is a random ‘malware.injection’ threat on multiple pages of my site.
I’ve contacted my paid origin hosting provider, Bluehost, who tell me I need to consult Cloudflare for a solution because my nameservers point to Cloudflare, not Bluehost.
Any ideas on how to solve this issue? Any help would be appreciated. Thank you in advance.
With such a response I’d strongly advise to change host as that is a blatant display of incompetence.
Your nameservers naturally point to Cloudflare but your hosting is still with them. Unless you have implemented these redirects on Cloudflare (which is unlikely) they originate most likely from your server/host.
I plan to change to Siteground after my current agreement with Bluehost expires. I’ve had this excuse from them before; it appears to be their standard response now. I argue the point logically but Bluehost just keep going back to how the nameservers point to Cloudflare. I hate Bluehost now. I signed up to them because they were recommended by Pat Flynn from Smart Passive Income. I don’t give him the time of day anymore, if that’s the crowd he recommends.
Anyway, my issue still isn’t resolved. Any thoughts or ideas?
If I may answer my own question, I am pretty confident you do not have workers or page rules set up. I quickly checked out your site and the redirects appear to be JavaScript related respectively to something you include on your website.
This definitely is not Cloudflare related and I am afraid probably even outside the scope of responsibility of your host (their response was still inadequate though). You’ll need to debug your site and track down whatever is the reason for these redirects. If you need assistance I’d consider hiring a professional or alternatively take this to a forum dedicated to such issues.
As a follow up to this, Bluehost finally provided me the assistance I need but I could only get that assistance in a roundabout fashion. The cause of the issue was a plugin which had been compromised, called “Related Posts”, which is no longer in the Plugin directory for download.
