Solve the “This Account Has Been Suspended” Hosting Error

by

Imagine trying to visit or log into your website, only to see: ‘This account has been suspended. contact your hosting provider for more information.’

No reason, no answers. Just a notice that even your site visitors can see.

Cue panic.

Before doing anything else, scan your site for malware. This is the primary reason sites get suspended, and the one that you can and should resolve the fastest.

Your account has been suspended means that the hosting provider has temporarily taken your site offline. 

They can be many potential reasons: hosting security, spam content, payment failure, and a policy violation. The notice is supposed to cover a lot of scenarios. But the lack of clarity makes it hard to solve and very frustrating. The important thing to remember is that your site is recoverable.

TL;DR: To fix the ‘this account has been suspended‘ issue, the first step is to figure out the underlying cause. While there are many reasons why web hosts suspend sites, the most serious one is malware. Scan your site with MalCare to figure it out. Once you have an answer, MalCare has a one-click cleanup tool to remove any malware.

What does “This account has been suspended” mean?

“This account has been suspended” error means that your website has temporarily been taken offline by your hosting provider.  

When you, or anyone else for that matter, try to visit your website, you will see a message saying that your account has been suspended. Moreover, you generally won’t be able to log into your wp-admin or into your hosting provider account. 

"This account has been suspended. contact your hosting provider for more information" error message

Or you could see your website redirected to the following URL: /cgi-sys/suspendedpage.cgi

page redirecting to /cgi-sys/suspendedpage.cgi

Most hosting providers will usually send an email explaining why they have suspended your account. They will also explain how you should resolve the issue. For example, if your website has malware, they may whitelist IPs so that you can remove it as soon as possible.

Effectively, your website is offline. And you need to take steps to get it back online

Be warned though. Bluehost suspends sites in a very trigger-happy way. Usually Siteground will quarantine your website, so that you have a chance to clean it. Depending on your host, it could be in imminent danger of being deleted.

Main reasons web hosts suspend websites

There are a few reasons why web hosts suspend websites. The most common reasons are: 

  • There is malware on the website. Malware is dangerous for the website, the host and the visitors. For example, GoDaddy malware has led to numerous accounts being suspended.
  • The content is in violation of their terms of use. For instance, if your website is an online pharmacy selling highly regulated substances, then some web hosts will not allow that sort of content for legal reasons. Alternatively, there is a pharma hack on your site, which makes it look like an online pharmacy to your web host.
  • Your website could be using excessive server resources. Hosting packages, especially shared hosting ones, have server and CPU resource limits. If your website gets a lot of traffic, or is dynamic in nature, it could be going over the limit. If the traffic is not reflecting in your analytics, this could be a sign of a brute force attack as well.
  • Another very common reason for web host account suspension is because of unpaid invoices. Check your email, because they often send a lot of notices if there are dues to be settled. 

The situation is entirely fixable if you act fast. We have seen lots of panicked emails from website admin because one minute their website worked just fine, and the next minute their account was suspended. 

Step 1. Figure out the cause of the suspension (and fix it)

Before we get into dealing with the issue itself, we need to identify the cause of the suspension. As we discussed, this should be clear through the email that they share with you.

But if you haven’t received an email, or it isn’t very clear, you can always contact your web host for details. Depending on the cause of suspension, you can follow the procedure mentioned below to fix the suspension issue.

Problem 1: Is it malware?

Out of all the reasons that the web host suspended the account, malware is the most tricky to resolve because web hosts can delete the account and all the websites without warning if the situation is not resolved quickly.

⚠️ Check if your site has been hacked. Once you have a scan report, you can proceed much faster.

Websites are significantly easier to clean if they are up and running. It will let you run a specialized security plugin like MalCare.

The trouble with hacked sites being suspended is that you cannot access your dashboard to install a security plugin. So you need to contact your host.

Certain web hosts, like Siteground, will let you whitelist IP addresses to allow certain verified users to access the site while it is suspended. This can be used as a workaround too. To clean your website of malware, follow these steps: 

  1. Contact MalCare support for a list of IPs to whitelist for cleaning
  2. Email your web host to whitelist your IP and the MalCare IPs
  3. Install the plugin, and make sure the site syncs from the dashboard
  4. The plugin will scan your website and find all the malware
  5. Click auto-clean to remove the malware 
  6. Request your web host to rerun their scan and share the results

If, on the off chance the web host still finds malware on your website, share the results with the MalCare team, and they’ll take care of it for you. With each MalCare pro subscription, you get unlimited cleanups. 

Why we recommend this method? Without access to the site, malware removal will be a tedious manual process, often becoming much more expensive. Therefore, our goal is to try and get the site up and running even if temporarily. If the web host does not restore the site, then you will need to use FTP to clean up your site.

Step 2: Post-cleanup measures to remove all traces of infection

The malware is gone, but there is still the issue of how it got hacked in the first place. This is usually because of vulnerabilities, website backdoors or compromised user passwords. These steps will help you close out the cleaning process, by plugging the gaps. 

  • Clear all caches: Caches store old versions of your website to improve performance. If your website has just been cleaned, you want to clear out the cache so that the latest version of your website (the malware-free one) is shown to visitors and your web host.
  • Change passwords of everything: User accounts, database, FTP, hosting account, and everything in between. In fact, we would go a step further and review all user accounts as well. Remove any unused ones, and require the active ones to have strong, unique passwords. 
  • Update everything: Once you regain access to your website, update WordPress, plugins and themes at the earliest opportunity. Vulnerabilities are often discovered and then patched in updates.
  • Remove nulled software: Nulled themes and plugins are just a no-no. They invariably come with malware or backdoors, and if you use them, it is almost certain that the hack came from there.

Also consider removing any extra, unused plugins and themes from your website. We have also witnessed forgotten WordPress installations on the website, which have been the cause of infection. This is because it doesn’t get updated or reviewed as often as the primary site. If possible, get rid of these as well.

These are the top few items on a must-have security checklist for maintaining sites.

Step 3. Protect your site from future hacks

Now that your website is malware-free again, there are a few things you can do to keep your website safe. 

The biggest issue with malware removal is reinfection, and many admins finds that they’ve spent a considerable amount on cleaning, only to discover that the whole nightmare plays out again in a few days or weeks.

Problem 2: Is your site using excessive server resources?

Your website likely exists on your web host’s servers with hundreds, if not thousands, of other websites.

Resources, like processing power, memory, and storage, are shared by all the websites that exist on that server. To make sure that all the websites hosted on a shared hosting plan get a fair amount of server resources, web hosts set a cap on those resources for each account. 

siteground server resources

Usually, a web host will alert you if you are reaching or exceeding the resource limit before suspending your account. So if you have received emails about reaching the resource limits, it is a good time to start analyzing your hosting usage. Some of the questions you should ask are: 

  • What is causing my site to consume so many resources? 
  • Is this a sudden spike, or has the increase been gradual? 
  • Does my analytics tally with the increase in resources? 

Solution: Stop bad bots and malware

If the increase in usage is very sudden, then you may be experiencing increased bot traffic.

Bad bots are a menace, scraping data from websites, trying to hack them by brute force attacks or by creating spam. There are of course good bots, like googlebot, but they do not overwhelm server resources.

Also, increased server usage can be a sign of a hack. Hacks can cause servers to get overloaded and use up excessive resources.

We talked about malware before as a reason why the web host suspended your account. However it is also possible that the malware was not detected by the web host at all.

Solution: Remove poorly coded plugins and themes

There is most likely an errant plugin or theme which is using excessive resources. Unfortunately, this is extremely hard to debug, because while some hosts like Cloudways will show you resource usage, most web hosts don’t have such granular data. 

cloudways disk usage

You can try deactivating the plugins and themes one at a time to see which one is causing the excessive consumption, but it is an ineffective and time-consuming process. You may need to involve an expert developer at this point of time. Some security plugins like Wordfence cause these performance issues.

A quick fix is to migrate to another hosting provider with better resource plans. This will get your website up and running quickly, and you can debug at your leisure. 

Solution: Set up a cache to reduce the number of requests

We recommend using a speed optimisation plugin to take care of caching and improve performance in one fell swoop.

Caching can help solve the problem associated with the load. Browser caches, for instance, store a version of your website locally, so the browser doesn’t have to download the data again to display your website. 

Similarly, CDNs store content in proxy servers around the world, so when a user requests content, it doesn’t have to go all the way to the server to load. 

Caching is actually a way to speed up website load times and to better user experience, but it can reduce the number of server requests considerably as well. 

Caution: Consider plan upgrades carefully

It may be tempting to upgrade your hosting plan to solve the problem of excessive resource usage. However, it can be a superficial fix.

Often, there is an underlying problem, and moving to a higher plan will not fix these issues. To prevent bot traffic, you need to have a firewall for your website.

Problem 3: Is there a payment pending?

Web hosts have your credit card information on file, and will charge it automatically at the time of renewal. These transactions can fail for multiple reasons like insufficient funds, expired cards, or fraud prevention.

You will then get an email saying that the transaction has failed, and to please update your payment information. In fact, most of them will send reminders several times a month before the due date via email as well, if you are on a yearly subscription plan. 

This is the most common reason web hosts suspend your website, and show you the “This account has been suspended” message.

The fix is simple enough. Just make your payment and the site will be up and running in no time. We also recommend switching to an annual subscription, to avoid suspension hassles and missing reminders. 

Problem 4: Is there a policy violation?

Alright, we can all acknowledge we rarely read the fine print. We assume that what we want to do is probably permitted under the policies, but that is not always the case. And now, unfortunately, we have to refer to the policy documents. 

Having said that, most of the policy violations we have seen stem from the content on your website. Which makes sense, seeing as that is what you are adding to your website. Hosting providers draft wide-ranging policies on the kind of content you can publish on your website. 

The suspension is caused under circumstances such as copyright violations, spam generation, unsolicited emails, unauthorized admin use, and storing illegal material on the server.

Some web hosts also enforce policies around political content and the sales of pharmaceutical products. One of the emails we received was from an erstwhile pharmacy website, and the web host objected to the products on sale because they are highly regulated. The site was suspended, the account was then deleted, and the admin was refunded their money. 

Sometimes, that’s just how things play out.

Step 2. Submit a review request

To get your web host to unsuspend your account, you have to address the issue that caused the suspension. Then you email them with a request to review the suspension reasons.

Make sure that your review request is precise, relevant, and describes the steps you have taken to address the suspension.

We also strongly recommend including steps you have taken to resolve the issue, and steps you have taken for preventing them from happening again.

In the case of malware removal, you can update your themes and plugins, and install a security plugin. This will show your web host how serious you are about website security.

Why does your web host care if there is malware on your website?

This is a good question, because it does feel like you are the one losing your website, right? In actuality though, hacked websites affect all website stakeholders negatively, right from you as the admin and your website’s visitors, but also the hosting company and Google. 

💡 Having a scanner automatically check your site for malware daily is a great preventive step to avoid this situation.

Hacked WordPress websites can dupe people into sharing their credentials and passwords, sometimes even credit card numbers. Some malware uses your website to infect other websites, and thus perpetuates the cycle. In short, everyone except the hacker loses because of malware. 

Apart from these broad issues with malware, web hosts have a lot to lose if there are hacked websites on their servers. For instance: 

  • Hacked websites consume a ton more resources than they normally should for many reasons, like bad bot traffic or brute force attacks. This degrades the performance of other customer websites on the same server, if you happen to be on shared hosting. 
  • ISPs penalise them heavily for malware detected on their servers
  • Cloud providers and data centres will give them warnings about the malware
  • It is a security risk for other customer websites, even if they have barriers between websites that protect them. It is not a risk worth taking, even if the chances are infinitesimal. 
  • Their IPs get blacklisted, because other firewalls detect malware as originating from their servers. On top of that, your website can be used to infect other websites. 

Overall, a web host’s brand and revenue is at stake when they are hosting a hacked website. So web hosts have good reasons to be zealous about malware on websites.

What is the impact of web host account suspension? 

As a result of your web host suspending your website, you must have observed several negative effects of your website being taken offline. 

  • Plummeting SEO 
  • Loss of visitors and revenue
  • Damage to your brand
  • Potential legal issues
  • The cost of cleaning your website

These are just a few of the things that can happen when your website is hacked. None of them are pleasant, and everyone loses as a result. Except for the hacker, of course. 

Conclusion

We have outlined the most common reasons why web hosts suspend sites, with concrete measures to take. That being said, your web host will be able to shine a light on why they suspended the account. They may or may not be helpful in resolving the issue, which is where we have stepped in. 

We hope that this article was helpful in what is a terribly stressful situation. If you have any questions or require assistance with your website, please drop us an email. We are more than happy to help!

FAQs

What does it mean when a website says ‘account suspended’?

When a website has received an “account suspended” notice, it means that the web host has taken your site down temporarily. They do it for a number of reasons like malware infection, excessive use of server resources, payment failure, and other policy violations.

In order to resolve the issue, you need to contact your web host for more information. Then take measures accordingly to resolve them. 

How to access a suspended WordPress website?

You cannot access a suspended website. You have to contact your web host, learn the cause of suspension, and fix your site. When your web host removes the suspension, you can access your WordPress site. 

There are many reasons why a web host may have suspended your website. If it is because your website was hacked, you need to ask them to whitelist IPs, so that you can clean the website. 

Payment cleared but site still showing the “This account has been suspended.”

On certain occasions, even after you have cleared your payments, your site still shows your account has been suspended notice. If this happens, contact your web host. They will help you get your site up and running in no time.

What to do when my website appears blank after the suspension is removed?

If your site looks blank even after the suspension is removed, contact your web host. Don’t worry, this is probably a technical error. Your site should be up and running in no time.

How to clean a site suspended because of malware infection?

To clean malware infection from a suspended website, use a security plugin. To install the plugin, request your web host to whitelist your IP and that of the security plugin servers. Then install the plugin, and clean the malware. To use MalCare’s auto-clean feature to remove malware in minutes, contact the MalCare support team to know which IPs to get whitelisted.

Category:

,

You may also like


How can we help you?

If you’re worried that your website has been hacked, MalCare can help you quickly fix the issue and secure your site to prevent future hacks.

My site is hacked – Help me clean it

Clean your site with MalCare’s AntiVirus solution within minutes. It will remove all malware from your complete site. Guaranteed.

Secure my WordPress Site from hackers

MalCare’s 7-Layer Security Offers Complete Protection for Your Website. 300,000+ Websites Trust MalCare for Total Defence from Attacks.