Multiple BlueHost Clients Hit With False (?) Reports of Malware

13856199984_39fc788b50_hIf you have a site hosted on Bluehost, you might want to take a few minutes today and double check your site's health and security.

Over the past week I have heard from a client (and a friend) who have sites hosted on Bluehost. Obviously I can't name names, but both told me that they had gotten emails from Bluehost with the news that their sites were infected by malware (in the case of one, multiple sites).

And then this blog post concerning a false positive report for malware crossed my desk today:

I had a bit of a scare on Sunday. I got an email from Bluehost that my server had been infected and deactivated and if I did not clean it up it would be deleted in 15 days.

...

After the email, I called them and they said my site was infected and I would have to use a service called SiteLock to get my site back up. SiteLock told me my only choice was to purchase their minimum fee of $120 a month for 6 months. A smart person would have investigated more options but I didn’t. Like others who are in over their heads, I felt I had no choice. I gave them my credit card information and they started cleaning up my server. After their first email came back saying my site was clean, I contacted my Bluehost who told me that it was still infected and not able to be reactivated. This cycle happened a few more times, site still not restored.

That post is echoed by multiple people on Twitter, many of which are reporting that Bluehost said their sites were infected with malware and Sitelock (a Bluehost subsidiary) said the sites were clean.

It's not clear how many actually have a problem with malware, but what we can see is a worrisome pattern of Bluehost finding malware and then upselling its own malware removal service.

No matter whether there is a real problem with malware, that stinks to high heaven.

As someone who handles this kind of tech support issue at his other job,  my recommendation is two-fold.

First, get a second opinion on the malware. A couple days back I wrote a post explaining how to use Sucuri to check whether your site was infected with malware.

If you were my client, this is one of the things I would be doing for you as part of a comprehensive maintenance checkup. I would install the Sucuri plugin and run its test, remove or update any vulverable plugins or software, and then hire Sucuri to fix any problems which I can't solve on my own.

And once you've solved the immediate security issue,my long-term recommendation is that you move your website to another hosting company.

The simple fact is I have never seen a cluster of complaints like this before. Sure, sites get hacked all the time, but when we see a cluster of complaints we have to ask what all the sites have in common.

In this case, I think it is the hosting company.

I have read too many complaints about Bluehost. Their security has a terrible reputation, and I even know of a WordPress security plugin which was created specifically to deal with Bluehost's security issues.

And so if you got one of those emails from Bluehost, it is time to migrate your website(s) to another hosting company.

If you need help, drop me a line.

If you want a recommendation, MediaTemple is good, but expensive. Reclaim Hosting is also good, but it's focused on serving only the educational market.

Who is your hosting company? Would you recommend them?

image by aag_photos

About Nate Hoffelder (11594 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

2 Comments on Multiple BlueHost Clients Hit With False (?) Reports of Malware

  1. This sounds to me as if some too-clever-by-half executive at Bluehost was looking not just for a revenue stream but a revenue flash flood and came up with this scam.

  2. BlueHost is now part of EIG (Endurance International Group, i.e., the Borg). I migrated away from HostGator when they were assimilated by EIG, and I have been very glad that I did. First thing I noticed about http://h2ha.com/d9hosting was that I could actually contact support and get turnaround on my questions in an hour or less. Second thing I noticed was that the performance was 5 to 10 times better, especially on backups. Third thing I noticed was that even though I was paying more for the basic reseller plan, I was getting other services for free that I used to pay extra for, so the total cost was actually slightly better than a wash.

    Yup, I definitely recommend them. Actually, I would recommend almost any hosting company not owned by EIG.

Leave a comment

Your email address will not be published.


*