The “This Account has been suspended” message can appear on your website for various reasons, but regardless of why access to it was restricted, you will face downtime and revenue loss if the ban is not lifted in a reasonable amount of time. Knowing why your hosting provider disabled access to your website and how you can get it up and running again and avoid it from happening again is critical.
In this article, we will provide you with all the information you need to fix the “This Account has been suspended” message on your website and implement the best security practices to avoid it from happening in the future.
When you see the “This Account has been suspended” message on your website, it means that your web hosting provider has put a rule in place to redirect all traffic to the suspension page. This is done to restrict access to your website for various reasons.
The Suspension Message Page
The page showing you the “This Account Has Been Suspended” message is usually provided by the hosting control panel as a default one or created by the web hosting provider. What you need to understand is that it is an actual web page on the server that all web traffic coming to your website is redirected to.
The default suspension page tells your website visitors that this site has been suspended which can make them believe that it no longer exists or is not trustworthy. It can negatively impact your business, so changing it to a custom maintenance page might be reasonable. You will need to negotiate whether you can redirect traffic to another web page with your web hosting provider.
How is Access Restricted With Website Suspension?
When your website has been suspended, you will not be able to view any content or access the admin dashboard of the content management system used. It means that you will no longer be able to access your WordPress Dashboard to use one of the backup or security plugins in the vast majority of cases.
If you have root access to the server, you will still be able to access your website’s web hosting control panel account, for example, your cPanel or SiteWorx accounts. If you are on a shared hosting plan, you will need to ask your hosting provider to allow access to be able to work on your site without having to use the command line interface.
As the redirect often only affects web traffic, you can connect to your website via SSH, FTP, or SFTP. All these tools, including the File Manager interface can help you get access to your website files and database and address all issues.
Why Your Host Would Suspend Your Site? 3 Main Reasons
There are multiple reasons why your web hosting provider may suspend your website, and we will review all of them below. However, most reasons for website and account-level suspension are always outlined in an Acceptable Use Policy that you should review carefully before you move your websites over to a new hosting provider.
There are three main reasons why you may see the “This site has been suspended” message on your website:
- Violation of the Acceptable Use Policy
- Non-payment
- Server resources overuse
Let’s review what each of these includes and what it means for your websites.
Reason 1: Acceptable Use Violation
The Acceptable Use Policy provided by your web hosting provider includes specific rules developed by your web hosting provider that outline what types of content can be hosted, and what activities the given IT infrastructure can be used for. It also defines what measures the hosting provider can take in case of a violation of the Acceptable Use Policy.
Let’s review the most common cases of AUP violation that will lead to your website showing “This Account has been Suspended”.
Security Issues
The main reason why your website may be suspended is because it has been hacked and is actively used for malicious purposes. This includes a large group of issues, but the most common include:
- Malware. Your website is infected and used to distribute malware, and visiting it may result in malicious content downloaded to the visitor’s computer or personal data stolen, for example, stealing credit card information on the checkout.
- Phishing. Your website may host phishing pages aimed at stealing account information.
- Spam. This includes sending large amounts of unsolicited email, including having mailing lists without a properly configured double opt-in.
- Network attacks. Your site may be the source of outbound network attacks, for example brute force attacks aimed at getting access to other servers or individual websites.
- Unauthorized access. In some cases, your website can be used as an entry point for gaining control over other websites on the server or system-wide, or root access, which leads to very serious consequences.
All security issues outlined above are caused by hackers gaining access to the website by exploiting vulnerabilities, and then using it to perform malicious activities. Hackers can gain access to one website on the server and use privilege escalation to gain system-wide access or log in as root initially and perform malicious actions.
Root-level compromise is an especially serious issue as it threatens the integrity of the whole system. Moreover the vast majority of hosting companies maintain proprietary server images that include certain server configurations and other modifications that can not be revealed.
All security issues pose a major threat to the hosting provider’s network, that is why if your website gets hacked and used for malicious purposes, you are very likely to see “This Account has been Suspended” message appear on it.
Hosting Illegal Content
You are not allowed to host any materials that infringe or otherwise violate any privacy, intellectual property, or personal rights. This includes using content protected by a copyright or patent. Once infringing content appears on your website, your web hosting provider will be alerted.
There are certain other rules that define what content you can host. The vast majority of hosting providers will not allow violent, abusive, or overall inappropriate content hosted on their servers. Unlike other issues that can lead to website suspension, there’s very little that you can do if you’re hosting a website with content that your hosting provider does not allow.
Reason 2: Non-payment
Non-payment is the second most common reason for seeing “This Account has been suspended” on your website. So if your account has been suspended, it is likely that you forgot to pay for your services and missed all notifications sent by your hosting provider.
It is especially common if you signed up for shared hosting services. If you have a private virtual or dedicated server, it is likely that it will be shut down completely before a payment is made, which means the sites hosted on it will be completely inaccessible.
Reason 3: Server Resources Overuse
Most hosting providers limit the amount of resources that they allocate to a particular website if the server hosts websites from different customers. This is how shared hosting works, making sure you only get the processing power you signed up for, and thus preventing resource overuse.
In rare cases, if your website receives an enormous amount of traffic which can happen during a promotion or a DDOS attack, your hosting provider may temporarily suspend it. The resource overuse can also be caused by malicious processes running under your website’s account, most likely carrying out outbound network attacks.
How to Fix Your Account Suspension in 3 Steps
Seeing that your account has been suspended is always frustrating, but the good news is that you can reactivate it by following the recommendations your hosting provider left for you when they notified you of the suspension. It will probably take some time to get your website functionality restored, but you can not waste any time if you noticed that the website had been suspended.
Follow the three steps below to reactivate your website and remove the “This account has been suspended” message.
Step 1: Review Your Emails and Active Tickets To Understand Why Your Site Was Suspended
Your web hosting provider can not do any modifications to your website without sending you a notification in an email or even giving you a call to let you know that your account has been suspended. So if you suddenly see the “This site has been suspended” message while visiting your website, the first thing you need to do is open your email and find the message sent by your hosting company.
Your hosting provider needs to include a reason for account or website suspension and attach their recommendations. They may vary depending on what exactly happened, and what needs to be done to reactivate your website, but reviewing the email carefully is critical if you want to fix the issue as soon as possible.
If you have any questions or feel that you need more information to resolve the reported issues, contact your web hosting support team for assistance. A server administrator can help you understand how to address the issue and give further recommendations.
Step 2: Remove All Malicious or Illegal Content and Secure Your Website
If you found out that the website had been suspended for non-payment, the services can be reactivated by making a payment. Otherwise, you will need to remove all malicious or illegal content from your website and take the necessary steps to secure the account in case it has been hacked.
Remove Illegal Content
If your website contains illegal content that was not uploaded to it as a result of a compromise, review what exactly does not comply with your hosting provider’s AUP and remove it. In extreme cases, you may be forced to remove the website from their network entirely if all content it hosts is not allowed by the hosting company.
Clean Up Your Hacked Website
When your hosting provider’s abuse or security team is alerted of security issues, they investigate it to find the source of the compromise, the scope, and identify all malicious content that was uploaded. They often also run malware scans to provide you with the list of malicious files that you need to review and clean.
Working with your team or gaining assistance from your hosting support, follow these steps for how to clean a hacked WordPress site. Review all content of your site and remove all phishing and malware, including malicious database injections. In some cases, when you know exactly when your website was compromised, you may be able to restore it from a clean backup.
While restoring from a backup might be faster and easier, you can lose all changes made to the website after the last clean backup of it was saved. Moreover, most of the time, you will only be able to restore the site from a backup manually by using the command line interface, which may present additional difficulties.
Secure Your Website
Even if you remove all malicious content that was uploaded by a hacker, without taking additional steps to secure the website, it is most likely that your website will be reinfected again in no time. It is crucial to identify the source of the issue and take the necessary action to prevent unauthorized access.
The general recommendations include having all passwords changed, including the control panel account password for your website, all FTP user passwords, CMS admin user passwords, and database access credentials. If spam was sent from the website, change all email account passwords. Hackers may also create additional CMS admin, email, or FTP accounts, so be sure to remove all of them.
Be sure to update all software, including all WordPress plugins, themes, and extensions, as well as the content management system version and PHP version. Conduct a revision of all add-ons you have on your website and remove everything that is installed from unverified sources or no longer used.
Step 3: Report The Steps You’ve Taken to Your Hosting Company
The final step to get your website unsuspended would be reporting all the steps taken to clean up your website to your web hosting provider. Describe everything you did in order to address security issues or let them know that all illegal content was removed.
Your web hosting provider’s abuse or security team will rescan your website, check if all passwords and software were updated. Once they have confirmed the website no longer poses a threat to their network, the access to your website will be restored, and you will no longer see the “This Account Has Been Suspended” message.
You may need to take additional steps, but your hosting provider should give you their further recommendations. The key thing is to work closely with security professionals to ensure that you have all security threats eliminated.
How to Prevent Future Account Suspensions
The best way to avoid account suspensions is to take a proactive approach to ensure your website security and pay for your hosting services on time.
Avoid Non-Payment
Be sure to check your email and active tickets at all times. Most hosting companies send multiple notifications and even make phone calls before having your account suspended for non-payment.
If possible, configure automatic payments, so you do not have to log in and make a payment every month. Another option that can be beneficial is switching to the yearly billing cycle, especially if you plan to build a long-term business relationship with your current hosting provider. Moreover, most hosting companies offer discounts for prepay plans.
Review Your Hosting Provider’s Acceptable Use Policy
Carefully read and review the AUP published by your web hosting provider as it outlines all rules and restrictions on the type of content you can host, and what you can use the server resources provided to you for.
The AUP and terms of service will also contain what actions the hosting provider can take to restrict access to your account. Some hosting companies will give you several warnings before actually putting the “This Account Has Been Suspended” page on your website, while others will do it immediately after receiving reports of abuse or illegal content hosted.
Secure Your Website
The best way to address security issues is minimize the chances of hackers gaining access to your website in the first place. This includes a number of measures that can ensure your website stays secure from various threats.
Keep Your Software Updated
The importance of performing regular updates or making the process automated is hard to overestimate. Software updates always patch the security vulnerabilities identified in the previous version of software, including content management systems and add-ons like plugins and extensions.
The vast majority of times, hackers gain access to your website by using a known weak spot in the software you are running. For example, some services and plugins are susceptible to privilege escalation which can help hackers obtain control over the whole server and potentially even remove all content you host.
The Version Management feature provided by the iThemes Security Pro plugin allows you to auto-update WordPress core, plugins, and themes, and scan for all outdated software.
Create a Backup Plan
Backups are essential for all website owners, and can prevent data loss or other unwanted consequences or server-side and security issues. Work out a good backup plan that will ensure your data is saved to a safe location, and can be used to quickly restore the functionality of your website or the whole system.
Most web hosting companies provide off-server backups that are saved to the cloud. You can also make use of the backup options provided by the chosen control panel, however these backups are likely to be saved to the same server that your website is hosted on.
The key thing that makes a great backup plan is data redundancy, which means keeping your backups in different locations. Using a backup plugin for WordPress is a great way to ensure that you can restore your website at all times. The BackupBuddy WordPress plugin from iThemes protects over a million WordPress sites, providing one-click restorations and keeping your backups in a safe, secure location.
Maintain an Access Control Policy and Use Robust Security Software
A great access control policy includes following the principle of least privilege and making use of additional access control measures like two-factor authentication and great firewall rules. The best way to protect your website is to ensure security on all levels.
This can include a web application firewall (WAF) provided by a content delivery network, a WordPress security plugin, and a firewall filtering traffic on the server. Enterprise-level customers also often have a hardware firewall providing an additional layer of security.
Choosing the right security plugin for WordPress is not an easy task with the number of add-ons available to website owners. What you need to be looking for is how well it can protect you from various network attacks and ensure all vulnerabilities are reported to you and patched as soon as possible.
The iThemes Security Pro plugin provides everything you need to ensure your WordPress website stays protected at all times. iThemes Security Pro offers more than fifty ways to secure and protect your website from common security vulnerabilities specific to WordPress.
The iThemes Security Pro Site Scan feature allows you to run scheduled vulnerability and malware scans that will alert you if a threat is identified. This way, you can address all security issues before they attract the attention of your web hosting provider that will restrict access to your website by putting the “This Account has been suspended” message on it.
Get the bonus content: Hacked Website Cleanup Checklist
Wrapping Up
In this guide, we have tried our best to help you understand how to remove the “This Account has been suspended” message from your website and ensure your websites stay protected from all kinds of security threats that presenting it to the internet inevitably subjects it to. Keeping your WordPress site secure is not an easy task, but with the help of modern security solutions like iThemes Security Pro you can be assured that your website stays available to your customers at all times.
Kiki has a bachelor’s degree in information systems management and more than two years of experience in Linux and WordPress. She currently works as a security specialist for Liquid Web and Nexcess. Before that, Kiki was part of the Liquid Web Managed Hosting support team where she helped hundreds of WordPress website owners and learned what technical issues they often encounter. Her passion for writing allows her to share her knowledge and experience to help people. Apart from tech, Kiki enjoys learning about space and listening to true crime podcasts.
Приветствую!
Вы перешли на страницу пользователя или представительства компаниисервиса в Твиттер, и за место ожидаемой информации, увидели там надпись Account suspended. В материале мы постараемся разобраться, почему так произошло и что можно сделать с этим.
Содержание:
- Статус страницы «Account suspended» в Twitter – что означает
- Как убрать «Account suspended» и увидеть контент в Твиттер
- Краткий итог
Статус страницы «Account suspended» в Twitter – что означает
В вольном переводе сообщение «Account suspended» означает, что страница пользователя или компании, которую вы хотите посмотреть, в текущий момент находится в замороженном состоянии.
Это вовсе не значит, что она удалена или это проблемы на стороне сервиса Твиттер. Это лишь означает, что страница была заморожена по инициативе администрации сервиса Твиттер.
Причин, по которым это могло произойти, весьма много. Одно ясно точно – у создателей возникли претензии к действиям владельца страницы, либо к тому контенту, который он размешал.
Т.к. страница Twitter заморожена, то и находящийся на ней контент недоступен к просмотру никому, а лишь высвечивается надпись «Account suspended».
Если вы не являетесь владельцем страницы, которая была заморожена, то едва ли у вас получится её восстановить (разморозить), дабы вновь весь размещённый контент был доступен к просмотру, а также возобновилась возможность размещения новых постов.
Это может сделать лишь владелец, который должен авторизоваться в своём Твиттер профиле, который подвергся заморозке. Сделав это, он увидит соответствующее сообщение о приостановке его Твиттер страницы и небольшой инструкции, выполнив которую, он сможет вновь вернуть свою страницу к жизни, со всем размещённым ранее в ней контентом.
Если у вас есть возможность связаться с этим человеком, то сообщите ему, что его страница недоступна и ему необходимо предпринять действия, чтобы это исправить.
Если же связи нет, то остаётся только ждать, пока владелец сам обнаружит ситуацию с блокировкой его Твиттер страницы и предпримет все те необходимые действия, которые позволят исправить возникшую проблему.
Краткий итог
Вот мы и рассмотрели статус «Account suspended», который вы можете обнаружить в Твиттер при просмотре интересующей вас страницы. Для исправлении ситуации необходимо будет связаться с владельцем, дабы он совершил необходимые действия для восстановления отображения страницы. А если возможность связаться отсутствует по той или иной причине, то подождать – со временем ситуация будет обнаружена владельцем аккаунта и предприняты необходимые шаги.
There is nothing as disconcerting as trying to visit or log into your website, only to see a notice saying ‘This account has been suspended. contact your hosting provider for more information.’
Your account has been suspended means that the hosting provider has temporarily taken your site offline.
Web hosts suspend websites for different reasons like malware infection, spam content, payment failure, and other policy violations. The notice is deliberately obscure, without a clear indication of what has happened and how to fix it because everyone who visits your site will also see this message.
We want to stress at this point that although all seems lost, it most certainly is not. The key is to act very fast here, especially if it is a hack that has prompted this action.
Don’t panic, we’re here to help. By the end of this article, you’ll know exactly how to fix the ‘this account has been suspended‘ issue, and get your website live as fast as possible.
TL;DR: There are many reasons why web hosts suspend sites, but the most serious one is malware. The only real way to protect your website, your visitors, and your data is to install a WordPress security plugin, like MalCare. MalCare has an integrated firewall and includes unlimited cleanups for your website.
What does “This account has been suspended” means?
“This account has been suspended” error means that your website has temporarily been taken offline by your hosting provider. Hosting providers can suspend websites for many reasons, like malware infection, excessive use of server resources, payment failures, and other policy violations.
When you, or anyone else for that matter, try to visit your website, you will see a message saying that your account has been suspended. Moreover, you generally won’t be able to log into your wp-admin or into your hosting provider account.
You might see one of the following messages:
- This account has been suspended. Contact your hosting provider for more information.
- This account has been suspended. Either the domain has been overused, or the reseller ran out of resources.
- Your account has been suspended for security reasons.
- This page is currently not available, as your account has been suspended.
- This account has been suspended for violating our terms. Please contact us for more information.
- Your hosting has been suspended. Please contact support for unsuspend terms.
- This site is currently unavailable. If you’re the owner of this website, please contact your hosting provider to get this resolved.
Or you could see your website redirected to the following URL: /cgi-sys/suspendedpage.cgi
If you are using a reputable hosting provider, they will usually send an email explaining why they have suspended your account, and what measures you should take to resolve the issue. For instance, if they detected malware on your website, they may whitelist IPs so that you can resolve the issue.
Effectively, your website is offline. Again, depending on your host, it could be in imminent danger of being deleted. Bluehost, for example, is very trigger-happy on this front. Siteground usually quarantines your website, so that you have a chance to clean it.
Additional resources:
- Website is suspended by godaddy
- Website is suspended by hostgator
Why your web host suspended your site?
There are a few reasons why web hosts suspend websites. The most common reasons are:
- They detected malware on the website. Malware is dangerous for the website, the host and the visitors, so web hosts are quick to act if their scanners detect the following things on your website:
- Spam links
- Deceptive content
- Phishing pages
- The content is in violation of their terms of use. For instance, if your website is an online pharmacy selling highly regulated substances, then some web hosts will not allow that sort of content for legal reasons.
- Your website could be using excessive server resources. Hosting packages, especially shared hosting ones, usually come with limits for server and CPU resources. If your website gets a lot of traffic, or is dynamic in nature, it could be going over the limit. If the traffic is not reflecting in your analytics, this could be a sign of a brute force attack as well. To stop bad bot traffic affecting your website, you should install a firewall.
- Another very common reason for web host account suspension is because of unpaid invoices. Check your email, because they often send a lot of notices if there are dues to be settled.
Before we get into dealing with suspension itself in the next section, we want to assure you that you are not alone. We have seen lots of panicked emails from website admin because one minute their website worked just fine, and the next minute their account was suspended.
The situation is entirely fixable if you act fast.
How to fix ‘This account has been suspended’ issue?
Before we get into dealing with the issue itself, we need to identify the cause of the suspension. As we discussed, this should be clear through the email that they share with you.
But if you haven’t received an email, or it isn’t very clear, you can always contact your web host for details. Depending on the cause of suspension, you can follow the procedure mentioned below to fix the suspension issue.
Remove malware from my suspended website
Out of all the reasons that the web host suspended the account, malware is the most tricky to resolve because web hosts can delete the account and all the websites without warning if the situation is not resolved quickly. If your web host has detected malware (malware like favicon virus etc;) on your website, this is the most critical problem to solve.
There are a few ways to clean malware from your website, depending on whether or not you can regain access to it. We have ordered this list on the basis of cost-effectiveness as well.
- Use a security plugin like MalCare to clean your website
- Hire expert cleaning services
- Manually clean your website yourself
1. Clean your website with a security plugin [RECOMMENDED]
Websites are significantly easier to clean if they are up and running. It will let you run a specialized security plugin like MalCare. The trouble with hacked sites being suspended is that you cannot access your dashboard to install a security plugin.
Certain web hosts, like Siteground, will let you whitelist IP addresses to allow certain verified users to access the site while it is suspended. This can be used as a workaround too. To clean your website of malware, follow these steps:
- Contact MalCare support for a list of IPs to whitelist for cleaning
- Email your web host to whitelist your IP and the MalCare IPs
- Install the plugin, and make sure the site syncs from the dashboard
- The plugin will scan your website and find all the malware
- Click auto-clean to remove the malware
- Request your web host to rerun their scan and share the results
If, on the off chance the web host still finds malware on your website, share the results with the MalCare team, and they’ll take care of it for you. With each MalCare pro subscription, you get unlimited cleanups.
Why do we recommend MalCare?
MalCare is the best-in-class security plugin, which uses intelligent detection techniques to find and remove malware. This is in stark contrast to the file-matching algorithms used by other WordPress security plugins.
In addition, MalCare has some standout features:
- Surgically removes only malware from your website, leaving your data and website completely intact and pristine
- Flags underlying vulnerabilities and backdoors, so that the reason your website got hacked in the first place is also addressed, and thus prevents reinfection
- Has an integrated firewall which repels bad IPs before they even hit your website, as well as bad bots from scraping your website or attempting to hack your website
MalCare protects over 200,000 websites daily from attacks. It includes daily scans, which alert you to any hack attempts or malware on your website instantly. Additionally, if you need further assistance, MalCare’s support team is available 24/7 to help customers solve their security issues.
Why we recommend this method?
Without access to the site, malware removal will be a tedious manual process, often becoming much more expensive. Therefore, our goal is to try and get the site up and running even if temporarily. If the web host does not restore the site, then you will be forced to use FTP to clean up your site.
2. Hire a WordPress security expert to clean your website
If you were not able to get your web host to whitelist IPs addresses for cleaning, then this is your next best option. Use expert services like MalCare Concierge or Sucuri to clean up your site.
An expert cleaning service will use FTP to access your website files, and clean the malware manually. This is a time-consuming, tedious process, because FTP can work very slowly, and manually checking each file and database table is a thankless task. For these reasons, this is an expensive proposition.
The steps to get your website clean by an expert cleaning service are:
- Ask your web host to share the results of their security scans for clean up
- Share your FTP credentials with the clean up team, along with the scan results
- Wait for the security experts to manually remove hacked code and files
- Contact your web host to rescan your website, and request them to restore your website
On the upside, if you opt for MalCare Concierge, we include a year’s subscription for the plugin as well, for when your website is back live. MalCare scans, cleans and protects your website from all manner of threats, all in one security plugin.
3. Manually clean your website
You may be wondering why manually cleaning your website falls at the bottom of the list, considering we ordered it for cost-effectiveness.
We have seen far too many botched attempts at cleaning, that’s why. After struggling with malware removal, reinfections and broken websites, we get emails from frazzled admins at their wits’ ends. By that point, not only has the malware gotten worse, but the site is also in shambles, and there are a whole bunch of other problems.
Finally, it winds up costing the admin more than what it would have if they had gone with an expert cleaning service—which is pricey in its own right.
If you choose to remove the malware manually yourself, here are the steps to do so:
a. Get a list of the hacked files from your web host. This is a good starting point, and can help you at least get your site up and running once again.
b. Take a backup of your website. This is a non-negotiable part of this process. If things go awry, a hacked website is better than no website at all. Plus, if your web host decides to delete your website, you can at least recover it using a backup.
c. Look for the malware in the files indicated by your web host. Cleaning this is a good start, but it is entirely possible that malware is also present elsewhere, but your web host’s scanner wasn’t able to detect it.
At this point, you should be able to get your web host to restore your website. At least you can then install and use a security plugin to scan your website more thoroughly to find all the instances of malware.
d. Reinstall WordPress, all your plugins and themes. Make sure to download them from the repository, and that the versions match what was originally on your website.
We have a detailed breakdown of manual cleaning in this article. However, malware can vary greatly on multiple counts: how it manifests, what it does, where the hacks appear, how the hack was achieved, and much more. It is impossible to account for all these variations.
Next steps after getting rid of malware from your website
The malware is gone, but there is still the issue of how it got hacked in the first place. This is usually because of vulnerabilities, backdoors or compromised user passwords. These steps will help you close out the cleaning process, by plugging the gaps.
- Clear all caches (WordPress + browser): Caches are great for improving website performance. However, they do that by storing old versions of your website. If your website has just been cleaned, you want to clear out the cache so that the latest version of your website is shown to visitors.
- Change passwords of everything: User accounts, database, FTP, hosting account, and everything in between. In fact, we would go a step further and review all user accounts as well. Remove any unused ones, and require the active ones to have strong, unique passwords.
- Update everything: Once you regain access to your website, update WordPress, plugins and themes at the earliest opportunity. Vulnerabilities are often discovered and then patched in updates.
- Remove nulled software: Nulled themes and plugins are just a no-no. They invariably come with malware or backdoors, and if you use them, it is almost certain that the hack came from there.
Also consider removing any extra, unused plugins and themes from your website. We have also witnessed forgotten WordPress installations on the website, which have been the cause of infection. This is because it doesn’t get updated or reviewed as often as the primary site. If possible, get rid of these as well.
What to do if your website is using excessive server resources?
Your website likely exists on your web host’s server with hundreds, if not thousands, of other websites. Resources, like processing power, memory, and storage, are shared by all the websites that exist on that server. To make sure that all the websites hosted on a shared hosting plan get a fair amount of server resources, web hosts set a cap on those resources for each account.
Usually, a web host will alert you if you are reaching or exceeding the resource limit before suspending your account. So if you have received emails about reaching the resource limits, it is a good time to start analyzing your hosting usage. Some of the questions you should ask are:
- What is causing my site to consume so many resources?
- Is this a sudden spike, or has the increase been gradual?
- Does my analytics tally with the increase in resources?
Bad bots and malware
If the increase is sudden, then you may be experiencing bot traffic. Bad bots are a menace, scraping data from websites, trying to hack them by brute force attacks or by creating spam. There are of course good bots, like googlebot, but they do not overwhelm server resources.
Malware can cause sites to get overloaded and use up excessive resources. We have listed malware as a separate reason why the web host suspended your account, but it is possible that the malware went undetected by the web hosts altogether. Almost every web host we have seen uses basic malware scanners, so there are several types of malware that get missed.
Poorly coded plugins and themes
There is most likely an errant plugin or theme which is using excessive resources. Unfortunately, this is extremely hard to debug, because while some hosts like Cloudways will show you resource usage, most web hosts don’t have such granular data.
You can try deactivating the plugins and themes one at a time to see which one is causing the excessive consumption, but it is an ineffective and time-consuming process. You may need to involve an expert developer at this point of time.
A quick fix, if you have backups, is to migrate to another hosting provider with better resource plans. This will get your website up and running quickly, and you can debug at your leisure.
Set up a cache to reduce the number of requests
Caching can help solve the problem associated with the load. Browser caches, for instance, store a version of your website locally, so the browser doesn’t have to download the data again to display your website.
Similarly, CDNs store content in proxy servers around the world, so when a user requests content, it doesn’t have to go all the way to the server to load.
Caching is actually a way to speed up website load times and to better user experience, but it can reduce the number of server requests considerably as well.
Consider upgrades carefully
It may be tempting to upgrade and solve the problem, however, it can be a superficial fix. Often, there is an underlying problem, and moving to a higher plan will not fix these issues. To prevent bot traffic, you need to have a firewall for your website.
How to deal with payment issues and policy violations?
In our opinion, these issues are easily dealt with, so we have clubbed them together. The resolution is mainly to contact the web host and work with them till your site is back up and running.
Payment issues
Web hosts have your credit card information on file, and will charge it automatically at the time of renewal. These transactions can fail for multiple reasons like insufficient funds, expired cards, or fraud prevention. You will then get an email saying that the transaction has failed, and to please update your payment information. In fact, most of them will send reminders several times a month before the due date via email as well, if you are on a yearly subscription plan.
This is the most common reason web hosts suspend your website, and show you the “This account has been suspended” message. The fix is simple enough. Just make your payment and the site will be up and running in no time. We also recommend switching to an annual subscription, to avoid suspension hassles and missing reminders.
Other policy violations
Alright, we can all acknowledge we rarely read the fine print. We assume that what we want to do is probably permitted under the policies, but that is not always the case. And now, unfortunately, we have to refer to the policy documents.
Having said that, most of the policy violations we have seen stem from the content on your website. Which makes sense, seeing as that is what you are adding to your website. Hosting providers draft wide-ranging policies on the kind of content you can publish on your website.
The suspension is caused under circumstances such as copyright violations, spam generation, unsolicited emails, unauthorized admin use, and storing illegal material on the server.
Some web hosts also enforce policies around political content and the sales of dubious pharmaceutical products. One of the emails we received was from an erstwhile pharmacy website, and the web host objected to the products on sale because they are highly regulated. The site was suspended, the account was then deleted, and the admin was refunded their money.
Sometimes, that’s just how things play out.
How to remove account suspended warning by submitting a review request?
To get your web host to unsuspend your account, you have to address the issue that caused the suspension. Then you email them with a request to review the suspension reasons.
Make sure that your review request is precise, relevant, and describes the steps you have taken to address the suspension.
For brownie points, you may also update your themes and plugins, and download a security plugin. This will show your web host how serious you are about website security.
Why does your web host care if there is malware on your website?
This is a good question, because it does feel like you are the one losing your website, right? In actuality though, hacked websites affect all website stakeholders negatively, right from you as the admin and your website’s visitors, but also the hosting company and Google.
Hacked WordPress websites can dupe people into sharing their credentials and passwords, sometimes even credit card numbers. Some malware uses your website to infect other websites, and thus perpetuates the cycle. In short, everyone except the hacker loses because of malware.
Apart from these broad issues with malware, web hosts have a lot to lose if there are hacked websites on their servers. For instance:
- Hacked websites consume a ton more resources than they normally should for many reasons, like bad bot traffic or brute force attacks. This degrades the performance of other customer websites on the same server, if you happen to be on shared hosting.
- ISPs penalise them heavily for malware detected on their servers
- Cloud providers and data centres will give them warnings about the malware
- It is a security risk for other customer websites, even if they have barriers between websites that protect them. It is not a risk worth taking, even if the chances are infinitesimal.
- Their IPs get blacklisted, because other firewalls detect malware as originating from their servers. On top of that, your website can be used to infect other websites.
Overall, a web host’s brand and revenue is at stake when they are hosting a hacked website. So web hosts have good reasons to be zealous about malware on websites.
How to prevent malware from infecting your website again?
Now that your website is live again, there are a few things you can do to keep your website safe.
- Install security plugin
- Review user accounts and passwords frequently
- Keep updating everything
- Invest in good backups
- Harden WordPress
The biggest issue with malware removal is reinfection, and many admins finds that they’ve spent a considerable amount on cleaning, only to discover that the whole nightmare plays out again in a few days or weeks.
What is the impact of web host account suspension?
As a result of your web host suspending your website, you must have observed several negative effects of your website being taken offline.
- Plummeting SEO
- Loss of visitors and revenue
- Damage to your brand
- Potential legal issues
- The cost of cleaning your website
These are just a few of the things that can happen when your website is hacked. None of them are pleasant, and everyone loses as a result. Except for the hacker, of course.
Conclusion
We have outlined the most common reasons why web hosts suspend sites, with concrete measures to take. That being said, your web host will be able to shine a light on why they suspended the account. They may or may not be helpful in resolving the issue, which is where we have stepped in.
We hope that this article was helpful in what is a terribly stressful situation. If you have any questions or require assistance with your website, please drop us an email. We are more than happy to help!
Follow our handy guides on how to recover your site from google warning messages:
- Remove Google Blacklisting,
- Deceptive site ahead fix,
- this site may be hacked guide
FAQs
What does it mean when a website says ‘account suspended’?
When a website has received an “account suspended” notice, it means that the web host has taken your site down temporarily. They do it for a number of reasons like malware infection, excessive use of server resources, payment failure, and other policy violations.
In order to resolve the issue, you need to contact your web host for more information. Then take measures accordingly to resolve them.
How to access a suspended WordPress website?
You cannot access a suspended website. You have to contact your web host, learn the cause of suspension, and fix your site. When your web host removes the suspension, you can access your WordPress site.
There are many reasons why a web host may have suspended your website. If it is because your website was hacked, you need to ask them to whitelist IPs, so that you can clean the website.
Payment cleared but site still showing the “This account has been suspended.”
On certain occasions, even after you have cleared your payments, your site still shows your account has been suspended notice. If this happens, contact your web host. They will help you get your site up and running in no time.
What to do when my website appears blank after the suspension is removed?
If your site looks blank even after the suspension is removed, contact your web host. Don’t worry, this is probably a technical error. Your site should be up and running in no time.
How to clean a site suspended because of malware infection?
To clean malware infection from a suspended website, use a security plugin. To install the plugin, request your web host to whitelist your IP and that of the security plugin servers. Then install the plugin, and clean the malware. To use MalCare’s auto-clean feature to remove malware in minutes, contact the MalCare support team to know which IPs to get whitelisted.
Website suspended by host: Possible causes and solution of “Your Account Has Been Suspended”:
Did you recently receive a message “Your Account Has Been Suspended”, “the site you are trying to access is suspended”, “”account suspended contact your hosting provider”” or a similar message from your hosting provider?
We have detected that your www.example.com website is infected with malicious code and a huge number of email spam messages originating from it. In order to prevent further malicious activity from your account we have limited access to it, because malware is a threat not only to the health of your own website but also to the other accounts hosted on the same server.
You may see a full report on the malware location by clicking on the button “Security Report” and logging into your hosting account’s cPanel.
After you have cleaned the malicious code, you may request code review via the button “Request Review” to see if the cleanup has been complete and successful.
When hosting a website, one needs to be careful about the security and the maintenance of the website. When using a hosting service there are rules to be followed and terms to be met. But what happens when you find your website suspended by the host? Here are some warning messages shown by Web browser if your website is infected.
The first step is to know about the reasons that the host has suspended your website for.
1. Website suspension due to non-compliance with terms and conditions:
- Abuse of terms of usage: While opting for a hosting service, one needs to sign up for several terms of usage. The service providers expect the users to follow these terms religiously. Moreover, any breach of these terms usually results in the termination of the website or you will find your website suspended.
- Payment pending: If you are using a free hosting service then you need not worry about any payment. However, the case is different when using a paid hosting service. They generally have rigid and automated payment mechanism. Thus, it is easy for them to log any unpaid dues and payments. Then, they will either suspend the website or terminate the contract altogether. This is surprisingly one of the most common reasons for any website suspended.
Please check the below URLs if your
- Account is suspended by Bluehost
- Account is suspended by GoDaddy
- Account suspended by Hostgator
Want to know more or have a quick question?
Talk with our engineers!
We are always online! 😊
- Over usage of servers: Free hosting services generally have limited and lesser server resource as compared to the paid services. However, even in paid services, there is a limit to how much a user can use the server resources. Thus, if your website has any script or code that is using too much of the server’s resources, then the service provider will detect it. Moreover, there is a chance that the hosting service will suspend your website to complete an investigation. You need to wait until the investigation is over or you get rid of the error.
- Over usage of CPU: Most of the paid hosting services do not have any limitations on the usage of the computing power. However, if in rare cases the service provider identifies that a website is using too much of the CPU and impacting other websites then you will find the hosting company might suspend your website. You can bring back up the website after removing any resource hungry scripts or plugins.
2. Website says account suspended: Check if your website is hacked or infected with malware
- Malware: If you are diligent in taking care of the website’s security then there are fewer chances of this happening. Since the attack by SQL Slammer in 2003, malware attacks are quite common. Hosting service providers will surely suspend the website if they find any malware or viruses on your website. They take this step to keep other websites on their servers safe and to stop the spreading of the malware.
- Hacked account: If your account is hacked and blacklisted by any search engine then the hosting service will suspend your website. This is done to prevent the hacker from doing any damage or spread any kinds of malware. If you find your website suspended, then this might be one of the reasons.
- Phishing attacks: Phishing attacks are fairly common. Thus, if the service provider finds any phishing pages on your website, then they might temporarily suspend your website. Google and various other search engines regularly crawl through websites to identify and block phishing pages and sites. Thus, if someone hacks your website and installs phishing pages, then the search engines will blacklist your website. Moreover, once the search engines blacklists your website, the hosting service will promptly suspend your website to protect other websites on its servers. Phishing is a kind of Social Engineering.
Steps to take after you receive “Your Account Has Been Suspended” from hosting provider
Any downtime for your website is potentially damaging to your clients and to the website too. Getting the website back live is the prime concern in such cases. There may be various reasons as to why the hosting service suspended the website. However, before beginning any investigation to identify the reason, there are a few steps one should take. These steps are to ensure that you can make your website live as soon as possible and to prevent permanent damage:
- Make sure of the extent of the suspension of your website. You can use a DNS verifying websites to find out the state of our DNS. You can also use a proxy connection to eliminate any network problem.
- Take a backup of your website. If your host has a backup service, then you should upload a copy of that to the cloud. This will ensure that your website is safe.
- When you are sure of the backup, you must begin transferring it to another host. This will reduce the downtime of the website.
Hosting provider suspended your website? Drop us a message on the chat widget and we’d be happy to assist you with your website.
30,000 websites get hacked every single day.
Are you next?
Secure your website from malware & hackers using Website Protection before it is too late.
- While all the previous processes continue, you must promptly inform all your clients and readers. You must use the channels you commonly use to communicate with your viewers and clients.
Steps to fix “This Account Has Been Suspended” website problem
These are the first aids to a suspended website. However, our website needs a proper investigation to find out the error and rectify it.
- The first step is identifying if your website truly suspended or if there is any network problem. As mentioned above, using a proxy service can help you confirm any possibilities of network errors. You can also get a status of your DNS to check if it is active on all servers.
- The second step to take is inquiring with the hosting company as to what was the reason for the website suspension. The hosting service may assist you in identifying the cause for suspending your website. They might be able to help you identify the infections and the infected files. If there is an issue with payment, then they will guide you to sort it out.
- If there is an infected file or any malware, then you can move forward with their removal. You can either do it yourself or use a service like Astra to get rid of the files. Opting for a web security service will definitely get the job done with expertise and ensure that there is no more malware.
For suspended WordPress website
- If your WordPress website is suspended, then you can install a fresh copy of the website. This step is useful if the service provider is not able to give you the list of infected files. To do this, you need to download three files namely
.htaccessfile,wp-config.phpfile andwp-contentfolder. You also need to remove all other files and folders that you might be using outside of WordPress. After that, you will have to download the zip file and unzip it to upload it. Doing this will install a new and infection free website. - Once you have restored the files, you need to install those files you backed up in the previous step. You need to find the root directory of your account and then upload those files. There might be a chance that these files may contain malware. Thus, you need to use a security tool to scan these files.
- Once you have installed a new copy of the website, you also need to check the status of the DNS. To reconfigure the DNS, you need to change the nameservers and add the new hosting that you added.
How Astra can help
Astra offers, among other security services, all-around security for your website. In case of doubts, you can easily get help and assistance from the team at Astra. For safely maintaining your website you can take help from this checklist that Astra has precisely designed to assist you. With Astra, you can stay updated all the time about your website.
See our Intelligent Firewall and Malware Scanner
in action
Stop bad bots, SQLi, RCE, XSS, CSRF, RFI/LFI and thousands of cyberattacks and hacking attempts.
Tags: account suspended website, host suspended, hosting account suspended, malware hosting suspended, website suspended
Sovandeb
Your usual nerd with an avid interest in everything tech. If not writing then following up on cyber security news and preparing for my next article. If there is something new out there you can bet I will write about it.