all of my websites using avada theme from babito have beed suspended by my host stating containing malicious codes.

[Niji]

all of my websites using avada theme from babito have beed suspended by my host stating containing malicious codes. All the plugins and themes I have ever used are downloaded from babito. I never use any plugin or theme outsite from babito. its very hard to understand that the uploader are trusted uploaders still there are maicious codes in it. My system is totally malware free and I never save any password in browser and I give tips to my clients how they can save their pc/laptops from hackers or malwares...

my clients are very angry with me as im unable to fix it.. what shoild I do?? I urge babiato community to help me out.

problem arise when I updated avada old versions to avada 7.8.x versions

 

[zaid69]

The best way is to keep the websites updated, when you don't update your website for a longer duration there are chances that your website will get hacked. advise your clients to use hosting which provides malicious file detectors.
My opinion: Don't go for high-priced hosting which doesn't even provide you with any virus scanner (like Bluehost).

 

[Loki]

all of my websites using avada theme from babito have beed suspended by my host stating containing malicious codes. All the plugins and themes I have ever used are downloaded from babito. I never use any plugin or theme outsite from babito. its very hard to understand that the uploader are trusted uploaders still there are maicious codes in it. My system is totally malware free and I never save any password in browser and I give tips to my clients how they can save their pc/laptops from hackers or malwares...

my clients are very angry with me as im unable to fix it.. what shoild I do?? I urge babiato community to help me out.

problem arise when I updated avada old versions to avada 7.8.x versions

maybe next time try to remember my friend, all resource from babiato just for study or testing BEFORE YOU BUY original product.
So if you get any files or resource from here, dont ever try to use it on your client or commercial.

 

[onemore]

What kind of "malicious codes" they have detected ?....this is way too generic, you should have a backup to scan it yourself and see exactly what is....or post the results here

 

[Nivrah]

all of my websites using avada theme from babito have beed suspended by my host stating containing malicious codes. All the plugins and themes I have ever used are downloaded from babito. I never use any plugin or theme outsite from babito. its very hard to understand that the uploader are trusted uploaders still there are maicious codes in it. My system is totally malware free and I never save any password in browser and I give tips to my clients how they can save their pc/laptops from hackers or malwares...

my clients are very angry with me as im unable to fix it.. what shoild I do?? I urge babiato community to help me out.

problem arise when I updated avada old versions to avada 7.8.x versions

Share the scanner's results like @onemore advised. The community will be able to at least try to assist you. Furthermore, always backup the sites so that you can revert to previous builds.

I partly agree with @Loki, you should use the plugins here for testing purposes. But, since we were not all born with a silver spoon in out mouths, you can, as you did, use them on production sites just enough to make some money then start buying valid licenses.

Never ever ever use the plugins here to make a living without giving back, that's just asking for what happened to you.

 

[maximx86]

Agree with all the above. The quickest way would be to revert back to the previous versions of the 'infected' software. Liaise with the hosting provider and investigate please. I'd also recommend to implement change management for any software implementations (upgrade/downgrade) as well as business continuity and disaster recovery. It's a must in a production environment. It'll save you a headache in situations like this and make you look professional in front of your clients. There's always a room for improvement. We learn from failures, not from success.

 

[darkRd]

Sometime original files also have some bugs so malicious software use these files and infect websites. This is why some minor versions are released. Check if your themes and plugins are up to date.

 

[koeng]

Did you update to the latest version?

v7.8.2 - September 21st, 2022
- SECURITY: Fixed CSRF (cross site request forgery) vulnerability in Avada's class-avada-admin.php

It's not Babiato's fault that there is a vulnerability in an (old) theme or plugin.

 

[shikite]

I personally use resource from babiato and i know rule about nulled, in this case if resource is posted by admin then i believe it, but even resource uploaded by someone else then what you do is

• Look into the file itself
• compare with original/untouched "is there any changes or not, any hooks related or anything that could harm"
• if that can change so change it
  of course you need knowledge about that not just pick resource then use it

You still need effort & it's not simple or easy, you got this free and they buying it
and importantly don't blame this community

 

[thambyz]

all of my websites using avada theme from babito have beed suspended by my host stating containing malicious codes. All the plugins and themes I have ever used are downloaded from babito. I never use any plugin or theme outsite from babito. its very hard to understand that the uploader are trusted uploaders still there are maicious codes in it. My system is totally malware free and I never save any password in browser and I give tips to my clients how they can save their pc/laptops from hackers or malwares...

my clients are very angry with me as im unable to fix it.. what shoild I do?? I urge babiato community to help me out.

problem arise when I updated avada old versions to avada 7.8.x versions

Can i know which provider you are using. Are you using reseller hosting or added all domains to single cpanel account?
Few of them just block port 80/443 for the affected domains until you fix the issue. I dont think hosting provider completely deleted the domains.
Does your hosting provider provide any scanning option like Imunify360?

 

[Niji]

Can i know which provider you are using. Are you using reseller hosting or added all domains to single cpanel account?
Few of them just block port 80/443 for the affected domains until you fix the issue. I dont think hosting provider completely deleted the domains.
Does your hosting provider provide any scanning option like Imunify360?

Im using reseller account with scala hosting for the last 12 years but never faced such issue earlier

 

[thambyz]

Can you see the domains as suspended in WHM panel? Does it allow to open cPanel of suspended domain via WHM?
If you are able to access cPanel try to find out if there are any files which are added or modified in last few days and check them.
Few hosting providers create a text file in home directory (outside public_html) with a list of suspected files. If there is any such file open it and check which files are listed as suspected.

 

[Niji]

(1) domains suspended in whm ..infect webaccess has been also disabled for my whm and reseller cpanel..but after deleting my innocent 12 years old never changed website (even 12years old prices), I managed to get open access of whm and reseller cpanel of my resller website only

 

[khongcoji1]

Im using reseller account with scala hosting for the last 12 years but never faced such issue earlier

Perhaps the only very simple process is to update all services on your old server =))

 

[thambyz]

(1) domains suspended in whm ..infect webaccess has been also disabled for my whm and reseller cpanel..but after deleting my innocent 12 years old never changed website (even 12years old prices), I managed to get open access of whm and reseller cpanel of my resller website only

What happens if you click the orange cp icon beside suspended domain name in WHM -> List accounts.
Hosting provider should surely provide a way to fix the issue. Did you get any instructions in email notification when domains are suspended?

 

[Niji]

What happens if you click the orange cp icon beside suspended domain name in WHM -> List accounts.
Hosting provider should surely provide a way to fix the issue. Did you get any instructions in email notification when domains are suspended?

they said remove infection first

 

[thambyz]

they said remove infection first

Can you share TeamViewer access to your PC?
If you are comfortable please provide in DM

 

[thambyz]

What happens when you click this cP icon beside suspended domain.

 

[alexbeck]

what babito?

 

[xlx]

@Niji Bro, could you share on which host are you publishing your sites?
Thanks