You’re trying to log in, and your website is showing this error: “This account has been suspended. Contact your hosting provider for more information.”
The notice is particularly frustrating to encounter, because it is obscure, without a clear indication of what has happened and how to fix it, beyond a general instruction to contact your web host.
By the end of this article, you’ll know exactly how to handle this error and set up some measures to prevent it from ever happening again.
Your site is suspended most likely because of a hack. If you want a quick fix use our WordPress security plugin to clean your site. However, you will need to come back to this article to learn how to submit your site for review to your web host.
Why did your website or account get suspended?
Web hosts can suspend websites or hosting accounts for many reasons; mostly due to non-compliance with one of their policies. Suspension means that they have temporarily taken your website offline.
When you try to access your website, you’ll find that you are being redirected to a different URL like https://yoursite.com/cgi-sys/suspendedpage.cgi.
Here are some of typical reasons why your website was suspended:
1. Your website is hacked
2. Your website is using excessive resources
3. Your payment to the web host has failed
4. Other policy violation
Important – Check your email for a warning notice from your web host. They usually clearly state why your site was suspended along with steps you can take to unsuspend it.
1. Your website is hacked
Hackers exploit vulnerabilities to gain access to your website. They use your website’s resources to redirect your visitors, Inject spammy keywords in to pages, send spam emails, inject spam links, attack other websites, steal information, among other things.
And in the process, your website gets suspended.
You may be wondering: why would your web host suspend your hacked website, if it only affects you and your visitors?
Well, because your hacked website opens up a can of worms for your web host:
- Your hacked website will use excessive resources; substantially more than what it is allotted. [Excessive usage of resources can be caused by other issues as well. We’ve covered those in the next point.]
- Spam emails sent from your website, and your web host’s IP, will get the IP blacklisted. Once an IP is blacklisted, it affects all websites on the same server.
- Your website can be used to hack other websites as well. That’s another strike for the web host’s IP.
- If one of the websites on their server has malware, the web host will receive warnings. Blacklisted IPs can elicit warnings from data centers, cloud providers, ISPs, among others.
And that’s just the tip of the iceberg. So web hosts keep an eye out for situations like this, and take rapid action.
A hacked website is a serious problem. Even if your web host has sent an email with details of the malware, use a malware scanner to double-check.
Once you have the list of malware though, that’s just the starting point. We strongly recommend using an automated malware removal tool like MalCare to clean up the hack, in order for the web host to unsuspend your website and for you to regain access.
2. Your website is using excessive resources
Your website likely exists on your web host’s server with hundreds, if not thousands, of other websites. Resources, like processing power, memory and storage, are shared by all the websites that exist on that server.
To make sure that all the websites hosted on a shared hosting plan get a fair amount of server resources, web hosts set a cap on those resources for each account.
Usually, a web host will alert you if you are reaching or exceeding the resource limit before suspending your account or smacking you with a “website account suspended” notification. Yes, this is a clever little tactic to get you to upgrade your hosting account. But it can also remind you to double-check your website traffic for bad bots.
Just in case you missed that alert, take a quick look at your inbox. Their email might just explain exactly what happened to your account.
Side note: It may be tempting to upgrade and solve the problem, however it can be a superficial fix. Often, there is an underlying problem and moving to a higher plan will not fix these issues.
3. Your payment to the web host has failed
Web hosts have your credit card information on file, and will charge it automatically at the time of renewal.
However, these transactions can fail for multiple reasons like insufficient funds, expired cards, or fraud prevention. And you will then get an email saying that the transaction has failed, and to please update your payment information. In fact, most of them will send reminders several times a month before the due date via email as well, if you are on a yearly subscription plan.
This is the most common reason web hosts suspend your website, and show you the “This account has been suspended” message. The fix is simple enough. Just make your payment and the site will be up and running in no time. We also recommend switching to an annual subscription, to avoid suspension hassles and missing reminders.
4. Other policy violation
It’s ok, you didn’t read the web host’s policies. Most of us don’t.
They’re difficult to understand but they are extremely important. Because violating policies can lead to website suspension.
Hosting providers draft wide-ranging policies on the kind of content you can publish on your website.
The suspension is caused under circumstances such as copyright violations, spam generation, unsolicited emails, unauthorized admin use, and storing illegal material on the server.
Some web hosts also enforce policies around political content and the sales of dubious pharmaceutical products.
How to Remove Web Host account suspension?
Keep in mind that seeing this error means that the web host has suspended your website. As outlined above, there are several reasons it could have happened.
We’ll outline each fix, based on the reason. Once you’ve addressed the issues, you can appeal for a review from your web host.
1. Removing Malware Infection
Removing malware from an offline website can prove to be tricky.
At this juncture, you need to speak to your web host, who can give you temporary access to your website or whitelist it so you can resolve the issues. Alternatively, you can log into your web host dashboard, or use FTP access to download a local copy of your website files.
Once you regain access to your website, install a security plugin, and scan your website for malware.
Even if the web host has shared a list of malware your website has (malware like favicon virus etc;) , chances are they haven’t caught everything.
Side note: If you are wondering that restoring a backup will clean your site, then let us tell you that it’s a bad idea. The backup itself could be infected. Moreover, restoring backups cannot remove the extra files and folders that hackers uploaded on your server. Bottom line is, you can’t clean your site via backups.
You need to remove the malware to unsuspend your site. This certainly is a step ahead but clean-ups are challenging.
We do not recommend attempting to clean the infected files yourself, unless you are skilled in WordPress development. Hackers attempt to conceal infected files by using legitimate-sounding filenames. There’s a good chance that you will miss a few files, or conversely delete a few necessary files.
Generally speaking, manual cleanups are extremely difficult and inefficient, unless done by an expert. A WordPress security plugin is much easier to operate and does a better job. Even if you don’t have a list of malware, it will help you clean your infected site.
As we said before, contact your hosting provider and ask them to whitelist your IP address to get temporary access to your website.
At this point, your hosting may push you to buy a malware scanner from them. But fair warning, you need a deep scanner that can identify known as well as unknown malware, a scanner that looks into every nook and corner to find hidden malware.
We recommend MalCare’s Deep Scanner. It will scan your site thoroughly, and clean it under 60 seconds. Then all you have to do is ask your web host to review the suspension and remove the “account suspended website” warning. This is the quickest way to resolve the issue.
If you want to check out other WordPress scanning and cleaning tools, here’s a list we’ve compiled: WordPress Security Plugins.
Important: Although your site is infection-free now it can get infected again in the future. You need to remove the source of infection. The most common source of infection is outdated themes, plugins, and weak credentials. Update all your themes and plugins, remove nulled themes and plugins, and use strong usernames and passwords.
2. Addressing excessive resource usage to remove the Suspension
By now, you may be wondering how you can figure out what is causing this excessive resource usage in the first place. An early symptom of excessive usage is 504 errors on the site.
A good place to start is to check with your web host. Some web hosts like Cloudways will show you resource usage but finding granular information is difficult.
Resource usage data is not easily accessible anywhere else, except with your web host. They can tell you whether the increase has been gradual (and therefore potentially natural) or there have sudden spikes, which point to problems.
Did your hosting provider help you figure out if the usage of excessive resources is the cause of suspension?
Great. The next step is to figure out what led to the use of excessive resources. As we said earlier, web hosts don’t offer granular details which would have helped you figure this out.
There are many things that lead to the use of resources like a spike in traffic, the use of poorly coded plugins and themes, and DDoS attacks.
Which of these led to your site suspension. To find out, let’s tackle each cause one at a time.
→ Traffic spikes
- Check Google Analytics to find out whether your website was drawing more traffic than usual right before the suspension.
- If there is a spike, what caused it? Were you running a giveaway or did one of your articles go viral?
If you can’t find a reason for the spike, then your website may be experiencing a DDoS attack. In this type of attack, your website is overwhelmed with traffic (usually bots) in hopes of bringing your server down.
Bots are combing the Internet, in order to scrape data from websites, or to hack them. Check if your site is under bot attack and learn how to prevent it with this article on how to stop DDoS attacks and how to protect website from brute force attacks.
Malware causes websites to get overloaded and use up excessive resources. Web hosts are sometimes able to detect malware, but almost all the web hosts we have seen use basic malware scanners. You need an in-depth scanner to help you get this assurance.
If the reason for the spike was positive—a giveaway or improvement in the ranking—upgrade to a better hosting plan.
Or move to a better web host that will allot your website more resources. Having a good offsite backup can help you migrate to a new host easily, obviating the need for a website review.
3. Poorly coded plugins and themes
If the cause isn’t malware or traffic spikes, chances are that your website isn’t structured optimally. For instance, consider any newly installed plugins or themes. They may not be coded well.
Poorly coded plugins and themes need a whole lot of resources to run or update. An early indicator of a poorly coded plugin or theme is a 503 or 402 error on your site like we mentioned earlier.
Suppose you are able to discover which plugin or theme update caused the issue. How do you confirm if the plugin or theme is poorly coded or that it is using excessive resources?
This is tricky.
To understand if a plugin or theme is badly built, you’ll need to take it apart and investigate. Not only will you need strong technical skills, but you’ll require time to investigate it thoroughly.
Honestly, this is just not possible for the majority of WordPress users. And it defeats the purpose of having a plugin in the first place.
The best way to judge whether a plugin or theme is good, is to apply the same decision matrix you would with any online shopping experience:
- How it’s rated
- How frequently is it updated
- How is it affecting the speed of the site
- Is it being sold via a known marketplace
- Reviews of people who have actually used it for a significant time
Caching can also help with load problems. Setting up caching is easy, follow the instructions in this article: how to clear WordPress cache.
4. Rectifying payment failures
Payment failure is a fairly common reason for suspension. To remove the suspension and “this account has been suspended website” notice, all you need to do is make the payment.
But you do need to move fast to resolve payment issues.
Web hosts will keep website data available for a short while, but they are under no obligation to do so for any specific length of time. Web hosts want customers to renew, so the odds are in your favor; but delay here is not advisable.
If you had independent backups here, then losing your data because of web host suspension is not a big deal. You have your entire website available to restore.
In our opinion, it is as good a time as any to move to another web host if you were thinking about it.
5. Rectifying policy violations
If your site was suspended because of a policy violation, you’ll need to find out which policy you are violating and how.
You can try reading your web host policies but they are usually full of legal jargon and difficult to understand. Don’t waste time wading through that; the best solution is to contact support and ask for clarity.
Next, you will need to remove the content which is causing the violation. If you can’t make that compromise, then it’s best to migrate to a different hosting provider.
- Here’s a list of the best hosting providers will help you select the right option for you
- And this article will help you migrate your website to a new web host.
Submit your site for review to your hosting provider
Having fixed your site, it’s time to inform your web host about all the steps you took.
All this is not mandatory but it does go a long way to show that you take website security seriously. Hosting providers respond positively to such demonstrable commitment.
When you are ready, contact your web host. Take them through your resolution process. This is a good time to be detailed. Your website should be up and running in a few hours.
How to protect your site from future suspension
Long answer short: be vigilant.
This is probably not the answer you were hoping for, because no one wants to spend time and energy worrying about their site’s security.
Payment failures or policy violations are easily resolved, because you know the root cause or can find out in minutes. You can automate your payments and read through the policies before hosting a site with a web host.
With security, that is definitely not the case. Install a security plugin and firewall to protect your site 24 x 7. It is the responsible and sensible thing to do, and will save you hours, if not days, of lost resources.
Web host account suspension is often followed by Google blacklisting. Check whether your site has been penalized by Google Safe Browsing.
If it is, don’t worry.
That’s all for this one.
If you’re stuck with anything, we’d be happy to help you out in any way possible. Drop us an email and our highly-acclaimed support team will respond ASAP.
i. What does it mean when a website says account suspended?
When a website has been smacked with an “account suspension” notice, it means that the web host has taken your site down temporarily. They do it for a number of reasons like malware infection, use of excess resources, payment failure, and other policy violations.
ii. How to access a suspended WordPress website?
You cannot access a suspended website. You have to contact your web host, learn the cause of suspension, and fix your site. When your web host removes the suspension, you can access your WordPress site.
iii. Payment cleared but site still showing the “This account has been suspended.”
On certain occasions, even after you have cleared your payments, your site shows the “this account has been suspended” notice. If this happens, contact your web host. They will help you get your site up and running and no time.
iv. What to do when my website appears blank after the suspension is removed?
If your site looks blank even after the suspension is removed, contact your web host. Don’t worry, this is probably a technical error. Your site should be up and running in no time.
v. How to clean a site suspended because of malware infection?
To clean malware infection from a suspended website, use a security plugin. Most plugins need a few hours to up to a week to clean your site. But if you opt for MalCare, it’ll clean malware infection in under 60 seconds.