Let’s take a wild guess. You are most likely reading this article because Bluehost has just informed you that your website has been suspended!

That basically means your website is inaccessible to your visitors. Now, this can spell disaster for your brand, revenue and not to mention your search engine ranking!

A website suspension is definitely not an enviable situation to be in! And one that should be remedied promptly.

In this post, we address the elephant in the room –  what to do when Bluehost suspends your site.

Without further ado, let us dive in and find out what really goes on behind a web host suspension, and what to do when Bluehost suspends your site.

If you are only looking for a way to remedy your situation in a jiffy, just skip right to The hitchhiker’s guide to fixing your suspended website. For those who wish to understand why your website has been suspended, read on.

  1. Why has your website been suspended?
  2. What happens when a website is suspended?
  3. The hitchhiker’s guide to fixing your suspended website
  4. Onwards

Why has your website been suspended?      

There could be myriad reasons why your website was suspended. While the most common reason for website suspension is lack of payment, a hacked website is an obvious candidate for a website suspension. So why are web hosts so prompt to suspend a hacked website? Let us explore the reasons.  


A compromised website can be abused by the hacker to send spam emails by the tens of thousands. This is because most email providers mark emails sent from IP addresses with a history of abuse, as spam. So once the hackers get access to your website (with its clean IP address), they are able to use it to send spam emails by the drove. Examples of such spam email include unsolicited emails for illegal pharma products, dating websites and other misleading emails. Sending countless such emails can get the IP address of the entire server blacklisted, thereby affecting all the websites on that IP address.   

Server and network overload

Hacked websites are notorious for causing server and network overload. Oftentimes, hackers introduce malicious programs into the website that are designed to overload the host server and monopolize its resources. Another cause for server and network overload is when a hacked website is used as a storage space for illegal files – movies, music, and even pirated software. In a shared hosting environment, the server resources are also shared. Any website that is seen to be the cause of the overload is bound to be suspended.  

Vector for malware

A hacked website could also serve as a vector for sending malware to other websites. In such a scenario, a malicious program is injected into a vulnerable website. From there, it uses a similar exploit to infect other websites as well. If your website is being used as a vector for malware, there are high chances that Google or any internet service provider will report the abuse. This, in turn, will cause your web host to suspend your website.   

Apart from billing-related issues and hacking, another common reason for web hosts suspending a website is policy violations. Every hosting provider has certain policies in place, mostly regarding the intent and content of its hosted site. Websites flagged for spam, copyright violations, phishing, or illegal content are in violation of these policies and are duly suspended.

What happens when a website is suspended?

So now that you comprehend the reasoning behind a website suspension, let us understand the impact of a suspended website.

Up to 90% loss of traffic

When your website is suspended, a visitor trying to access your site would be greeted with a message that says, ‘this account has been suspended’. This can impact your web traffic adversely. In fact, you could potentially lose up to 90% of your site visitors, all thanks to a web host suspension. A rather bitter pill to swallow, we know!

Impact on Search ranking

Google determines where a website should land up in search results depending on the traffic it receives for keywords relevant to it. Search ranking is thus directly proportional to the web traffic a website receives. An adverse loss of traffic can, therefore, sound a death knell for search engine results!   

Impact on brand and revenue

Loss of web traffic and fall in search engine ranking can also irreparably damage your brand reputation. Revenue also takes a pretty heavy hit as a consequence. That is because the longer your website remains inaccessible, the more damage your reputation and in turn, your business suffers.

Under such dire circumstances, the only possible course of action is to remedy the situation urgently. So if you have received an email from Bluehost in the form of a Warning Alert, don’t fret, because help is at hand.

A sample of the daunting email typically sent out is shown below.

Screenshot of a daunting email sent by Bluehost

Screenshot of a daunting email sent by Bluehost

That is one intimidating and disheartening email!

And not just because it is informing you that your website has been hacked. But the formidable list of tasks you need to carry out to get your site back online seem like Greek and Latin to someone whose mental faculties may not be at the best, given the difficult circumstances. Even for a technically well-versed person, the entire process is rather arduous and risky, to put it mildly.

There has to be a better way, you say. We say, there is. Below is a comprehensive and step-by-step guide on how to fix your suspended website.

The hitchhiker’s guide to fixing your suspended website

Based on the Bluehost email, we can safely say that the enlisted tasks can be broadly categorized into 5 main steps:

Contact Bluehost to learn the cause of the suspension

Scan your website for malware

Clean your website of malware

Secure your site against future attacks

Re-scan your site to ascertain it is malware-free

Contact Bluehost, again

Contact Bluehost to learn the cause of the suspension

The first and most obvious step to unsuspend your website is to go to the source of suspension – Bluehost. Contact them promptly and get details regarding the suspension. If they suspended your website because of some malicious code attack, find out if they have found any specific files that have been infected.

Scan your website for malware

The second step, and the most demanding one at that, is to go through the list of infected files provided by Bluehost. There are multiple options to scan your website for malware. You could either try to scan malware manually (risky and ineffective to be honest!) or with the assistance of a security specialist (might cost you an arm and a leg!). However, do note that Bluehost’s infected file list need not be comprehensive or exhaustive. So whichever option you do choose, bear in mind that there still could be hidden or undetected malware residing on your website. With a plethora of security plugins available in the market, you can rely on any reliable malware scanner to auto-scan your site.  

Clean your website of malware

Once you have scanned your website for all possible malware, the next step is clean-up. Apart from being a crucial one, this is quite a complex step as well. Before undertaking a website clean-up, it is critical to have a safe, working backup. In fact, as a responsible website owner, if you have already backed up your site, you can do without most of the distress associated with malware removal. However, if you haven’t done a website backup yet, do so pronto (Here’s a quick comparison of the most popular plugins).

Coming back to the topic of malware clean-up, this is one task best left to experts. Why? Because it requires WordPress proficiency of very high order. However, if you do want to brave the daunting task of cleaning up your website on your own, then refer to this guide for instructions and tips. There are, however, numerous malware removal services to choose from. The catch? Even the most popular plugins rely on manual intervention for malware removal. While many have a turn-around time of a few hours, some take days to respond! Faced with a website suspension, time is of the essence. This is where MalCare saves the day.

With a one-click instant (yes, you read that right!) malware removal, your website is malware-free under a minute! Don’t take our word for it, try it out for yourself.      

Secure your site against future attacks

So now that your website is malware-free, it is important to ‘harden’ it. Site hardening measures include using security keys, disabling your file editor, handling plugin and theme installations.

Employing best security practices as a user can go a long way… As well as changing your WordPress login URL, using complex passwords, two-factor authentication, etc.” – Brian Jackson

Implement site hardening measures post-haste. Unless, of course, you are using MalCare. With simplicity at its core, MalCare offers One-Click Flexible Site Hardening features. And what’s more? It can also help accomplish the tasks mentioned in Bluehost’s email in (wait for it…) just one-click!

Re-scan your site to ascertain it is malware-free

The next step after you have secured your site with the best WordPress website hardening measures is to re-scan your site. This is to avoid the embarrassing situation of getting suspended again for the presence of any new malware. A case in point is Backdoor, a type of malware that keeps reintroducing new malware into the website. Besides, it never hurts to check twice!

Contact Bluehost, again

No, it is not back to square one for you. But once your website is safe and secure, you need to notify Bluehost promptly that you have made the necessary changes for them to unsuspend your site. If you are as pedantic as we are, you would also like to refer to the security guidelines mentioned in Bluehost Security Checklist to ensure you have followed all the steps mentioned. Once you have done that, sit back and relax – your site will be back online in the next fifteen minutes to half an hour.


An ordeal such as this is usually enough to convince a website user that hackers don’t discriminate. Any website, however small, or seemingly inconsequential is a potential target for a hacker. Hackers are on the look-out for security loopholes. Once they find these, they launch an attack on all websites with similar security lapses. Implementing best WordPress hardening practices and installing an effective security plugin can ensure most of these lapses are covered.

When it comes to website security, MalCare with its Early Detection technology is ahead of its competitors in detecting malware, much faster. Once you are notified of a possible threat, all you need to do to clean your website instantly is click on the auto-clean option. That is it! No waiting for hours or days for manual assistance, and absolutely no technical know-how required either. Sounds ridiculously simple, doesn’t it? Well, that’s because it is.


Has your site been suspended? Fix it instantly with MalCare!