What if your website account has been suspended and your website is offline displaying a message that says, “This account has been suspended. Please contact your hosting provider for details.” Panic sets in - what does this mean? Why is this happening? How do I get the website back online? These questions and more begin to race through your mind.
When your website account is suspended, it means the hosting provider has temporarily taken it offline. Website hosts often suspend websites for a myriad of reasons ranging from malware to spam. They suspend websites when needed to protect their servers that host tons of other websites, so they don’t get infected too.
The most common reason is usually malware infection. Unfortunately, thousands and thousands of websites are infected with malware from hackers every day, and yours was probably one of them. In fact, according to Cybint News, a hacker attack occurs every 39 seconds. These can range from brute force attacks to the use of phishing pages to steal data, like credit card information.
How do you get back online? The bottom line is that you are responsible for the security of your website. With that, you have two options. First, if you have the technical understanding, you can clean up the problem yourself. The second option is to hire a third party to resolve the problem for you. Most website owners opt for the second option and hire a third party to ensure it gets done properly and quickly. The best third-party vendors have relationships with web hosting providers and can speak directly with them to help you get back online as soon as possible. Let’s take a closer look at how the process works.
As a website owner, the security and maintenance of your website is your responsibility. However, the website host is responsible for the security and maintenance of their servers. Like an apartment building superintendent, shared hosting providers are responsible for making sure the building (server) is up to code and the exterior fence locks (global firewalls). Websites are tenants in this high-speed high rise and are expected to lock their own doors and windows to prevent intruders.
Many types of malware can negatively impact the performance or security of a shared hosting server. This means that malware could potentially spread beyond your website, infecting other customers who share the server with you. Malware can cause both infected and non-infected sites that share the same server resources to slow down or become inaccessible. For these reasons, hosting providers run cursory malware scans on all websites hosted in their system and alert site owners when their site is found to be infected. In order to mitigate the risks associated with infected websites, hosting companies will take these sites offline as a precaution.
While this may seem like a punishment for being compromised, it is actually done to protect the website owner, as well as the hosting server. Having your website account suspended and taking it offline will prevent the site’s visitors from being victimized. In Q3 2017, SiteLock found that nearly 15% of malware detected was classified as a visitor attack, a type of attack designed to cause harm to a website’s visitor. Malware categorized as a visitor attack includes malicious redirects, SEO spam, and phishing. This type of malware is designed to harm unsuspecting visitors to the infected site.
Having your website account suspended also ensures that no further damage is done while the infection is addressed. In Q3 2017, the average infected website contained 283 malicious files. While the website is suspended, attackers cannot continue to upload malicious files.
A suspended website can be incredibly frustrating and may have a negative impact on the website's reputation or business income. Finding out your website is inaccessible to your visitors can be a bitter pill to swallow, even if it’s for your own protection. Hosts understand that it’s important to get the website back online as quickly as possible, which is why they partner with security providers like SiteLock.
The process for getting a website back online after a suspension will vary from host to host, but generally speaking, the website owner will need to remove the malicious files and then contact their hosting provider for a rescan. Before contacting their host, website owners will need to carefully review all files on the hosting account, removing any malicious files or malicious code injected into legitimate files. A skilled web developer may be able to do this manually, but it is faster and easier to use a malware scanner backed by an up-to-date malware database. This will automatically scan all files and remove any malicious content – including newly discovered types of malware.
Hosting providers turn to SiteLock as a security partner, in order to expedite the malware removal and reinstatement process. Malware scanners can clean the malware infection, help address vulnerabilities that led to the compromise, patch core CMS applications that may be out of date, and contact the hosting provider directly to request to get the website back online. Hosts also count on SiteLock to secure sites going forward, preventing reinfections and future suspensions.
For more information about comprehensive website security, explore SiteLock’s security plans and how they work.