Being suspended by your hosting provider is a total nightmare. Over the past decade, we’ve come across hundreds of website owners who’ve been informed by GoDaddy that their website has been suspended due to the presence of malware. The process of reversing the suspension can be a daunting and stressful experience, but it doesn’t need to be. We are going to take you through the process of fixing your website and removing the site suspension.

 

TL;DR

If you have malware and are looking to just clean the infection and fix the site, you can install our WordPress Malware Removal Plugin (MalCare). It’ll instantly clean your site. But to get your website unsuspended by the web host, you’ll need to come back and read the rest of the article.

 

Why Did GoDaddy Suspend Your Site?

GoDaddy runs a regular scan on all the websites hosted on its servers. Upon finding malware on a WordPress website, it suspends the websites and informs the site owners. Suspension of the site is a precautionary measure. Malware on your site may end up using a lot of server resources. This will cause other websites sharing your server to slow down. GoDaddy only wants to ensure that your infected site doesn’t affect other websites located on the same hosting server. This is why GoDaddy suspended your account.

How to Fix GoDaddy Suspension?

The suspension email from GoDaddy holds the key to fixing your website. But we understand if the letter looks indecipherable and daunting to you. Don’t worry, that’s completely natural. We are going to explain everything and walk you through the process of fixing your website and getting your GoDaddy account unsuspended.

We have a copy of a suspension email sent to WordPress site owners by GoDaddy. Have a look at the letter –

Malware detected and GoDaddy suspends site

Malware detected by GoDaddy

In the email, GoDaddy is informing you about the presence of malware on your website and they’ve sent over a list of malware they found on your site. To unsuspend your website, you’ll need to clean your website and then inform the web host about it. In the next section, we’ll show you how you can remove malware from your hacked website.

Step 1: Remove Malware From Your Website

You can clean a malware-infected website in two ways – manually or by using a WordPress security plugin.

Should You Remove Malware on Your Own?

Generally, we advise the readers to clean their website using a plugin and for good reason. One would imagine that with the help of the list of malware provided by your hosting providers, it’s easy to perform malware removal on your own. But that’s not the case.

First of all, to clean your website you will have to access your WordPress files through your hosting account or via an FTP client. Generally, website owners are advised against accessing those files unless you know what you are doing. One tiny mistake can end up in a broken website.

Besides, the list provided by your web host is not a complete list of malware. And the list may also contain false positives i.e. files marked as malware but they are clean.

Hence, using a security plugin is a much-preferred way of cleaning your hacked WordPress site. But one has to be careful when choosing a WordPress security plugin. With the number of security solutions out there, it’s no wonder that many users end up with plugins that don’t meet their needs fully.

Removing Malware With a Security Plugin

Most security plugins run a light scan looking for malware only in places where it is generally present. They also look for only known malware and therefore fail to recognize new malware that could be infecting your website. If you want a good security plugin that used more advanced technology, then MalCare is your best bet.

    • With MalCare, you can run a malware scan on your WordPress website and trust that it’ll find any malware on your website – disguised, hidden or otherwise. The plugin runs a deep scan where it goes beyond the known set of locations to find malware on your site. It keeps track of all the modifications you make on your website and investigates suspicious activities.
    • Moreover, with MalCare you can rest assured that no malware can escape its powerful scanner. The security plugin doesn’t just look for unknown malware, it picks up and investigates codes looking for patterns and behavior that could tell if a code is malicious or not. That’s how it finds new and even complex malware which other security plugins tend to miss.

1. To scan your website with MalCare, simply install and activate the security plugin. The plugin will begin scanning your website automatically and once the process is complete, it’ll alert you about the malware it found on your website.

Scanning and cleaning your website with MalCare

Scanning and cleaning your website with MalCare

2. The next step is to clean your website by selecting Auto-Clean from the dashboard. Sit back and let MalCare remove all traces of malware from your website.

It’ll take a few minutes for MalCare malware removal plugin to clean your website.

At this point you are probably eager to move on and submit your site for review. But hold on. Even when it’s clean, your site can still be vulnerable to another hack unless you find and fix the vulnerability that allowed the hack to happen in the first place. It could be weak credentials, outdated plugins and themes, etc. In the next section, we’ll show you how you can patch the vulnerability. Also you can check most common WordPress security vulnerabilities.

Step 2: Fixing the Vulnerability

There are a few measures you can take to fix the security hole on your website which allowed hackers to access your site. Those are:

1. Update your website

Of the hundreds of thousands of hacked websites that we have come across over the past decade, 95% of was hacked because of a vulnerable outdated plugin. WordPress updates can help improve performance, add new features, and most importantly fix security issues. When you skip updates, vulnerabilities go unpatched and enables hackers to access your website. Hence the next step on fixing your suspended website is to update your WP core installation, and all your plugins and themes.

2. Delete plugins and themes you don’t use

If you are anything like us, and love to try out new tools, then you’ll have dozens of plugins and themes lying inactive on your website. Vulnerable inactive plugins and themes are as harmful as the active ones. You can try and keep them updated but it’s much easier to remove them and not have to worry about them at all.

3. Remove pirated plugins and themes

The idea of using a premium plugin or themes for free is tempting, but it comes with a cost. Pirated plugins and themes are insecure because they have hidden backdoors installed. And if you know anything about backdoors, it enables hackers access to your WordPress website. If you are using any pirated themes or plugins, remove it instantly. See our guide on how to scan WordPress backdoors.

4. Reset all the passwords

Once hackers get into your website, they’ll try and make sure that they can access your website later, even after you have cleaned your site. To achieve this, they’ll use every tactic in the book and one tactic they often use is to create a new user. You can try and identify a user you can’t recognize or you can simply reset all your passwords. That way, the hacker can’t log in into your website. If you are a MalCare client, you can reset the passwords of your website with just one click.

navigate to Site Hardening and Reset all passwords

Go to MalCare, then navigate to Site Hardening > Reset All Passwords

Once you have taken all these measures, you can proceed to submit your website to your host.

Step 3: Ask GoDaddy to Review and Unsuspend Your Site

When you are ready, send an email to GoDaddy informing them that your website is malware-free. You can send a reply in the same thread, the one in which they informed you that your website is suspended. It would be helpful if you could re-scan your website and take a screenshot of the result. Attach it to the email as proof of the steps you have taken to fix your website.

But if you don’t get a reply within 24 hours, contacting Godaddy is a good idea. You can find a GoDaddy representative by calling +1 4805058877.

Tip: Ensure that you have your hosting account credentials close by. The customer care representative may ask for it for verification.

GoDaddy deactivated my WordPress site, but I got my site up and running in no time with the help of this step by step guide. You can too. 👍 Click To Tweet

Step 4: Remove Google Blacklist (if applicable)

It’s quite common for suspended websites to be blacklisted by search engines like Google. The search engine giant wants its users to have a safe browsing experience. Therefore, it blocks users from visiting malware-infected websites. It’s an attempt to save users from becoming victims of unsolicited activities like being redirected to other websites. Interesting to note that users are not given an option to bypass the warning and enter your website. Check our guide on how to fix WordPress hacked redirect.

Google's blacklist warning

Google’s blacklist warning

Before we show you how to remove Google blacklist warning from your website, you’d want to ensure that your website is really blacklisted by Google. You can do a quick site search by trying out the following sentence on your browser –

site:yourdomainname.com

(Remember to replace “yourdomainame.com” with the name of your website)

If you get 0 results on Google, that means your web site is blacklisted.

An alternative way is to check your website with these tools – Is My Website Penalized and Is Banned. Once you are sure that your site is penalized, you can proceed to remove Google blacklist.

Steps to remove Google blacklist:

  1. Remove malware from your website and we discussed how you can do that in a previous section.
  2. Next, you’ll need to inform Google that your site is clean. We have a Google blacklist guide that explains the steps you need to take to submit your site for review.

With that we come to the end of how to fix Godaddy suspension.

Before we come to the end of the articles, we’d love to inform you that we are doing a series of articles on web host account suspensions. You may want to take a look at – Bluehost suspended and SiteGround account suspension. Also learn more on why your web host account gets suspended.

In Conclusion

Getting you site suspended is no fun but it’s a lesson that can make a huge difference in how you are running your websites. Having a security plugin in place can help ensure that your website is protected from hackers in future.

Try out MalCare to protect your site 24 x 7


Tweet