Seeing the notice “Your account has been suspended” is bad enough. But then you realise this means your website has been taken offline and inaccessible. It’s a moment of panic!
While you take time to figure out what went wrong and how to fix it, you stand to lose traffic, your SEO rankings you worked so hard for, and above all, you lose revenue. If you have multiple websites hosted under one account, the suspension could possibly jeopardize your other sites as well.
We know it may seem like a complicated process to rectify the issue and you may feel there’s no coming back from it either.
But there’s no need to worry. We’re here to simplify it all for you. We’ll take you through the process of removing the suspension and getting your site back online.
TL;DR – If your hosting account is suspended due to a hack, you need to clean it up immediately. Use the security plugin MalCare to detect any malware on your site and get rid of it instantly. You can get your website up and running again in no time.
What does ‘your account is suspended’ mean?
You may receive a notification from your web host that your account is suspended. You could also have just visited your website and seen the notice:
“Your account has been suspended. Contact your hosting provider for more information.”
A web host can take the decision to bring your site offline and suspend your hosting account for a number of reasons. But basically it means you have failed to comply with their terms and conditions of service. Sometimes, you may see a message like this that indicates that it might be a particular error such as the IP address has changed, there’s a server misconfiguration or the site URL has changed.
Once you contact your hosting provider, they will give you the reason why you were suspended. Now if it’s just a simple payment issue, you can rectify it by clearing your dues. But sometimes, it may be more complicated. For that, we’ve detailed the possible reasons and how to fix it below.
Reasons for suspension by a web host
There are several reasons why a host might suspend your account. Some of them are non-payment of dues and violation of host’s policy. But the one that’s the most common reason and is complex to fix is having your website hacked.
1. Presence of Malware
If you have malware on your website, it means your WordPress site is hacked and you need to clean it immediately.
Note: You can use our WordPress Malware Removal Plugin to clean your hacked site in 60 seconds.
Any presence of malware on your site is cause for alarm for your web host. This is because it can use up an excessive amount of server resources.
- If you are on a shared hosting server, your website could affect the performance of other sites present on the same server. Further, there are chances that they could get infected too.
- Even if you’re using a dedicated server, you could exceed the limit of your server resources which would lead to your suspension.
- The web host can also take your site offline if it poses a threat to your visitors. This is because visitors might be exposed to downloading infected files or software which can harm their computers. They could also be at risk of having their personal data stolen by hackers.
If your site is hacked and you want to go straight to fixing it, jump to this section.
2. Lack of Payment
A web host will suspend your account if you have not made payment for the services you have availed from them. Hosts generally send out multiple reminders before they suspend websites. They might require you to clear all pending dues and make payment for renewing your hosting plan.
3. Policy Violation
Web hosts have certain policies in place that adhere to ethical practices and legal requirements. If your website goes against any of them, you could face suspension. Usually, these include copyright violations, spam generation, unsolicited emails, unauthorized admin use, and storing illegal material on the server. You can find the policies, and terms and conditions of your web host on their website. A simple google search for the web host’s policies will also work.
Now the only way you can find out the exact reason for suspension is by contacting your web host directly. They will tell you what went wrong. Then we can get down to fixing it as soon as possible.
The longer you take to remove the suspension, the worse the impact becomes. What exactly happens when your website is suspended?
Since your website is down, visitors can’t access your site. Therefore, you stand to lose traffic to your website. The time and effort you put into SEO goes to waste as your rankings begins to come down. This will eventually lead to a loss in sales and revenue from your website.
So, without any further delay, let’s start fixing the web host suspension:
How to remove website host suspension
To remove the suspension, you need to fix the error and then submit your site to the web host for review.
1. Hacked Website
If your website is hacked, you need to fix it immediately, not just because your web host suspended you, but because there are serious repercussions that come with it.
Hackers, once they gain access to your website, can run a whole bunch of malicious activities.
- They can use your website to sell illegal or banned products. Your website will display ads for these products or even adult content.
- They can deface your site with their own political or religious propaganda.
- Hacking your website enables them to send spam emails to your customers or visitors.
- They can steal confidential information of your business as well as personal data of your customers.
- Moreover, they can use your website to launch bigger attacks on large businesses. This is DDOS attack.
- Hackers can also steal your traffic and redirect your visitors to their own websites.
These are just some of the things they can do with your site. The costs associated with fixing a hacked site can skyrocket very quickly, especially if there’s a data breach. So it’s important to clean up your website fast.
How to scan and clean a hacked website?
To fix a hacked site, you can do it in two ways – manually or using a WordPress malware scanner.
Now, be warned, fixing a hacked site manually is not only time-consuming, but it’s also risky and cumbersome. The tiniest error or deviation from the process can result in a broken or completely crashed site. After you’ve cleaned your site, you need to contact your host and tell them to remove your suspension. If they find malware again on your site, you won’t be able to get your site back up. You’ll have to go back and start all over again.
This is why we STRONGLY RECOMMEND using an automated service that will ensure your website is 100% malware-free. These automatic scanners do the job in a few minutes.
Since WordPress is the most popular and widely-used CMS, we’ll take you through the process of automated scanning and cleaning using a WordPress malware removal plugin.
Choosing a security plugin
Now, there are many WordPress security plugins available in the market, so just how do you select one? Is a free plugin good enough? Are all the plugins the same?
- Firstly, while there are a few free malware scan and clean options available, free only gets you so much. You simply cannot rely on them to clean your site thoroughly. Most premium malware scanners charge a reasonable price to fix your site. It’s worth the money to get your site completely malware-free.
- Secondly, the fact of the matter is that all the security plugins are not the same. Most malware scanners rely on outdated scanning techniques that only search for known malicious code. This is called signature matching or pattern matching. New malware, disguised or hidden codes are easily missed by these scanners.
- Lastly, A major issue with this method is that sometimes these “known malicious codes” are also used legitimately in certain plugins. Therefore, you may be alerted about malware when it isn’t actually malware. Deleting these legit codes could break your site or cause it to malfunction.
So which one do you choose? Out of the top plugins available, MalCare is your best bet. Why? Because it’s the only plugin that will not just scan your site for malicious code but it also analyses the behaviour of it. This helps the scanner determine whether the code is actually malicious or not. You can also check our detailed guide on how to scan website for malware.
It uses over 100+ intelligent signals to find new malware. It also goes deep into your website’s files and database and hunts down even the most well-hidden malware. So you can be sure this security plugin is smart enough to find every last crumb of malware.
i) Scan and Clean a Hacked Website with a Plugin
MalCare is designed to be efficient, fast and easy to use. Given below are the steps you need to follow to be malware-free:
Step 1: Sign upon MalCare.com. Auto-install the plugin on your website by entering your wp-admin credentials. You can also do it manually if you wish.
Step 2: Scan your site. Access the MalCare dashboard, the plugin will then automatically begin to scan your site. You might need to turn on the toggle next to security.
MalCare will run a complete and thorough scan of your site. The time taken will vary depending on the size of your site and other factors. Once it detects the malware, it will display the number of hacked files found.
Step 3: Clean up the malware found. Now, here’s the best part about MalCare. You can click on ‘Auto-clean’, and the plugin will render your site clean in under a few minutes.
This is the only security plugin available that allows you to auto-clean your site. With other plugins, once the scanner finds malware, you need to contact the support team and they will manually clean up your site. Again, this takes a lot of time – which we really don’t have to spare! This is why we recommend MalCare for a quick and painless clean up!
ii) Scan and Clean a Hacked Website Manually
You can perform a manual scan and clean using cPanel or an FTP client like FileZilla. As we mentioned above, we do not recommend this method.
Why you should NOT do it manually?
We DON’T RECOMMEND the manual scan and clean method for three reasons:
1. The longer you take to fix your site, the graver the consequences of a suspended website become. It takes a lot of time to manually run through all the files and database to find malicious code.
2. It is not 100% efficient. You can find and delete the malicious code manually. However, there is no way of being sure you’ve cleaned it thoroughly.
Hackers only get better at what they do with every passing moment. They disguise their code or even hide it really well. It becomes easy for you to miss it. So while you think you may have found the malware and deleted it, there may be more hidden.
3. By deleting the malicious code, you might be malware-free, but not hack-free. Hackers exploit vulnerabilities present on your website to gain access to it. Once in, they may also create their own backdoors so they can come and go as they please.
You need to manually scan backdoors and fix them. If you don’t, chances are you’ll be hacked again very soon!
In case, you want to give the manual method a try, you can follow our Guide on What to Do If Your WordPress Site is Hacked.
Once your site is clean, we recommend carrying out a few important steps before you contact your WordPress hosting provider.
2. Payment issues
This is the simplest of them all. You need to clear all your dues and you can get your site back up and running in no time. There’s really no hassle to it.
3. Policy violations
This can be a bit tricky. You would need to contact your host and find out the exact reason for suspension.
If it’s a copyright violation, you need to remove any copyrighted content on your site. It might be images, videos or content. If you want to keep the copyrighted content, you should get in touch with the creator/designer and ask for permission to use it. You might simply need to fix a disclaimer and give credit to them. If you do not get the rights for it, you will have to substitute it with something else that’s not copyrighted.
There are plenty of websites that have copyright-free images such as Unsplash and Pixabay. While searching on Google for images, ensure you choose images that are labeled for non-commerical reuse.
Now, if you’ve been intentionally hosting a website that has illegal content, banned products, adult content which is specifically not allowed by the web host, you will not be allowed to host your site on this web host.
Note: Whether you’re using GoDaddy, BlueHost, Flywheel, SiteGround, HostGator or the like, all web hosting companies follow similar policies, but there are some variations that might make a difference for you.
If you feel you are not happy with the policies of your current web host, you could consider other hosting providers that suit you better. Once you’ve selected a web host, you can migrate your WordPress website easily using a plugin like BlogVault.
4. Overloading the server
You could be using too many server resources. You need to find out what is your resource limit. All web hosts limit the amount of resources each website can use.
Why did you use too many server resources?
- You might’ve installed a new application or plugin on your WordPress site. Some of these apps or plugins are not optimised to use minimal resources. These can overload your server without you knowing it.
- Your site is running on an old version of PHP.
- You’re currently on a low-end plan that limits your resource usage.
To fix this, you would need to identify what is taking up a chunk of your resources. Refer to the ‘Help’ section of your host’s website. Generally, you just have to navigate to ‘Statistics’ or ‘Metrics’ and you will be able to view exactly what processes are running and the resources each process uses. You can see the bandwidth you used and how many visitors you get every month.
There are also plugins available that will analyse the data usage of each file or process on your website. You can use plugins such as BlogVault to find large files and know what’s eating up your resources.
Once you identify the issue, you may have to simply uninstall the plugin or application, or update your PHP.
If you feel your site needs more resources to run, you can take steps to increase your resource limit. If you’re currently on shared hosting, you could consider switching to a dedicated server. You could also consider upgrading your hosting plan so that you have a larger limit available for you to use.
Extra measures to take to ensure your web host suspension gets removed
There are a few recommended measures to implement on your website before you contact your host. This will help prove to your host that you’ve taken the matter seriously and have ensured your site is safe and secure.
1. Update your software
When a new version of software such as WordPress is available, it may include new features and enhancements which you might be fine ignoring for a while. But updated versions also carry security patches.
When the developers of WordPress discover security flaws, they fix it and release an update as soon as possible. The same is also applicable to plugins and themes.
Once the update is released, the information is now made public that there was a security flaw present. Therefore, if you choose to run your website on the vulnerable version, hackers know exactly what to exploit to hack your site.
Keep your website software up to date, always!
2. Delete inactive themes/plugins
Installing and forgetting about themes and plugins is rampant among website owners. This is not a good habit because the more elements we have on our websites, the more possibilities we provide for hackers.
Keep the plugins and themes you use and need, delete the rest!
3. Research themes and plugins before installing
Before you opt to use any plugin or theme, do a little research on it. Choose ones that are light on your server.
For example, a backup process is quite resource-intensive. A plugin like BlogVault puts zero load on your website’s server. It takes a backup in small chunks using incremental sync technology. Plus, it stores the backup offsite on its own servers. Therefore, if there is any load on your server, it’s extremely minimal.
When it comes to themes, you can find lightweight WordPress themes on marketplaces like ThemeForest.
Ensure your plugins and themes don’t overload your server!
4. Install a security plugin
A security plugin will shield your website from threats and risks of getting hacked. It will keep you updated about the security status of your website. Therefore, you can be alerted about malware on your site before your host suspends you.
If you used MalCare to scan and clean your website, you stand to benefit from a proactive WordPress firewall that defends your site against malicious traffic. It will scan your website regularly and alert you if it detects anything suspicious.
Keep your website protected round-the-clock!
5. Implement website hardening
There are certain website hardening measures that are recommended by WordPress and most web hosts. These include:
- Regularly change all passwords and secret keys
- Limiting login attempts
- Getting alerts for suspicious logins
- Disabling plugin installations
- Disabling the file editor
Here again, MalCare takes care of all of this for you. From the centralised dashboard, you can implement all these measures with just a click of a button.
Tighten up the security of your website!
Submit your site for review to your web host
Once you’ve taken measures to rectify the error that got you suspended, you can contact your host via phone, email or live chat. Request them to check your website and remove the suspension.
If the host is satisfied you’ve corrected the error and are now in line with their terms of service, they will remove the suspension. Your website will be restored to an active state and you can get back to business.
We have mentioned earlier that malware infection is one of the reasons behind the suspension. Malware infections can also lead to suspension of your Google Adwords account. Check if your Adwords account is suspended and use this guide to take steps to fix it – Google AdWords Account Suspended.
We hope that you found this guide helpful and before you leave, here are few things we recommend you do –
- First, to prevent web host suspensions in future, we recommend reading the terms and conditions of your hosting provider thoroughly. If you’re unhappy with the terms, you can always find a host that suits you better and migrate your site.
- Then, we recommend keeping the MalCare Security Plugin active on your website.
- Finally, take appropriate site hardening measures to ensure that your website remains protected from common hack attacks.
We hope after reading this article, you have all the information you need to restore your web hosting account.
We’ll do the dirty work for you.
Try MalCare Now!