Knowledge Base

Bluehost Malware Protection Awareness

If your WordPress site is compromised and you’re on the Complete Security plan, you can request manual malware removal (Complete Security human intervention). This article explains what’s included in the service, what’s not, and how to qualify for manual intervention.

Scope of Manual Malware Removal
How to Qualify for Manual Intervention
Summary
Related Articles

Scope of Manual Malware Removal

If you are on our Complete Security plan, our Malware Protection team is ready to step in and clean your site. If your WordPress site gets compromised, our experts will fully restore it for you.

Below is exactly what we include in our manual malware removal service and what falls outside our scope.

In Scope:

Human malware removal from files and file system
WordPress core integrity repair using clean core files
Database scanning and malware removal
Malicious user account identification and removal
Malicious plugin & theme identification and removal (repeat compromise root cause analysis)
Disabling broken or compromised plugins/themes to preserve site availability

Not in Scope:

Plugin or theme updates/upgrades
Non-WordPress software or custom application
Configuration of 2FA or CAPTCHA on your site
Delisting from Google or any other blocklist, you handles this your end (Malware Protection monitors, not delists)
Deletion of spammy posts created by rogue/compromised WordPress users

How to Qualify for Manual Intervention

Important: To request manual malware removal, your website must meet certain requirements. Please review the following qualifiers to ensure you are eligible for this service:

Site is online & reachable (no blocking, no 503, no maintenance mode, no authentication wall, no coming soon page)
DNS must resolve to Bluehost
Site MUST be WordPress
You MUST be on Complete Security plan

Tips and Reminders

If you are on the Complete Security plan, please allow the Malware Protection tool to finish scanning and removing files automatically before requesting manual support.
Malware Protection Level 1 and Level 2 protect the entire server - not just individual sites. These plans will continue to run on the server regardless of the website status.
Only Complete Security covers individual domains and will still automatically monitor and remove malware for the assigned domain.

Summary

Manual malware removal is a specialized service for WordPress sites on the Complete Security plan. The Malware Protection team will remove malware, repair core files, and help restore your site’s integrity. Make sure your site meets the eligibility requirements before requesting manual intervention. For ongoing protection, let the Malware Protection tool handle automatic removal whenever possible.

If you need further assistance, Bluehost Chat Support is available 24 hours a day, 7days a week while Bluehost Phone Support is available 7 days a week from 7 am-12 midnight EST.

Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
Phone Support -
- US: 888-401-4678
- International: +1 801-765-9400

You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.

Did you find this article helpful?