Grumblar.cn Hacking of Bluehost - Practical Advice



mibtp
05-18-2009, 01:07 PM
Since the moderator LOCKED my previous thread:
http://www.bluehostforum.com/showthread.php?p=69343

I will respond to his comments here.
------------
I have a Mac. My computer cannot be infected and passed on. It is Bluehost's responsibility to MAKE SURE its customers know what they can do to protect their sites. How hard would it be to send out an email and list what each webmaster needs to do to protect themselves from hacking and protect Bluehost? Instead we get a response pointing the finger only at the webmaster.

Google now has Bluehost listed as a company that passes the virus along. To me that is serious. If I were Bluehost I would work to get our name off that list and work with our website owners to clean things up.

But here is some practical advice I would like to share with anyone who may have an issue:

1) Go to: unmaskparasites.com (http://www.unmaskparasites.com) to type in your url to see if you have any hidden iframes or advertising on your pages.

2) Make sure all your permissions are set at 644 for files and 755 for folders (according to a nice tech guy from Bluehost).

3) Make sure you do not allow anonymous FTP. It is set as a default that allows this.

4) Do not store your password in an FTP software program.

5) If you are a PC user, you must run a virus scan on your computer prior to uploading and downloading your files.

6) WordPress - hackers use this portal to gain access to your websites and files with this virus. Make sure you have the latest version of WordPress or simply delete it and use Blogger.com or another company that is not an add-on to your server/websites.

I'm sure there is a lot more you can do, but this is what I have learned from my research.

Patrice
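
Steps 1 and 2 of the post above can also be checked locally from a shell account on the server. The script below is an added example, not part of the original post and not a Bluehost tool; the function names and the hidden-iframe pattern (zero width/height, display:none, visibility:hidden) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit a web root against the advice in the post
# (files 644, folders 755, no hidden iframes). Function names are hypothetical.

# List regular files whose mode is not exactly 644 and
# directories whose mode is not exactly 755.
audit_perms() {
    find "$1" -type f ! -perm 644 -print | sed 's/^/FILE /'
    find "$1" -type d ! -perm 755 -print | sed 's/^/DIR  /'
}

# List files containing an <iframe> tag that is styled to be invisible.
# Heuristic only (assumption): zero width/height or CSS hiding inside the tag.
scan_hidden_iframes() {
    grep -rilE "<iframe[^>]*((width|height)=[\"']?0[^0-9]|display: *none|visibility: *hidden)" "$1"
}

# Run both checks when a web root is given, e.g.:  sh audit.sh ~/public_html
if [ "$#" -gt 0 ]; then
    echo "== Permissions that differ from 644 (files) / 755 (folders) =="
    audit_perms "$1"
    echo "== Files containing hidden iframes =="
    scan_hidden_iframes "$1" || echo "(none found)"
fi
```

Anything the permission check reports should be reviewed before changing it, since a file may have been given a different mode on purpose.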

felgall
05-18-2009, 01:20 PM
The Mac operating system is nowhere near as secure against viruses as Windows is. The only difference is that most viruses are intended to attack Windows rather than the Mac OS (which is part of the reason why Windows has so much more security built in).

BlueHost provide web space and allow us to put whatever web related files on there that we want. They make sure that the accounts are set up in such a way that anything running on one site cannot affect what is running on another site. It is our responsibility to make sure that what we run on our own computers and our own hosting account is kept secure.

Google just list web pages. If lots of people are misreporting that it is BlueHost's fault that a minuscule fraction of the sites hosted there are infected with a virus and that somehow makes it BlueHost's fault then that doesn't make the pages that say that correct.

There is probably something in BlueHost's terms of service that allow them to discontinue the accounts of those giving them a bad reputation from something like this which has nothing to do with them and so an obvious response would be to delete those accounts affected. It is such a small fraction of what they host they probably wouldn't even notice that those few accounts were gone.

The permissions on your files should be set appropriately in the first place unless you or a script running on your site changed them.

Anonymous FTP is off by default when you get your account so it should still be off unless you or someone who has already breached your account turns it on.

It is essential that everyone including Mac users have antivirus software running. They also need to run antispyware software on a regular basis since the easiest way for someone to get into your account is if they get spyware running on your computer to capture your password as you type it in. You should also have a good firewall that blocks outgoing access in case anything does get into your computer. Everyone should have these as the minimum for securing their own computer regardless of what operating system they are running and whether or not they have a web site.

Early Out
05-18-2009, 01:23 PM
"The Mac operating system is nowhere near as secure against viruses as Windows is."
Prediction: this thread will turn into a Mac/PC flame war, resulting in thread locking and multiple bannings. :D