Multiple BlueHost Clients Hit With False (?) Reports of Malware
If you have a site hosted on Bluehost, you might want to take a few minutes today and double check your site’s health and security.
Over the past week I have heard from a client (and a friend) who have sites hosted on Bluehost. Obviously I can’t name names, but both told me that they had gotten emails from Bluehost with the news that their sites were infected by malware (in the case of one, multiple sites).
And then this blog post concerning a false positive report for malware crossed my desk today:
I had a bit of a scare on Sunday. I got an email from Bluehost that my server had been infected and deactivated and if I did not clean it up it would be deleted in 15 days.
After the email, I called them and they said my site was infected and I would have to use a service called SiteLock to get my site back up. SiteLock told me my only choice was to purchase their minimum fee of $120 a month for 6 months. A smart person would have investigated more options but I didn’t. Like others who are in over their heads, I felt I had no choice. I gave them my credit card information and they started cleaning up my server. After their first email came back saying my site was clean, I contacted my Bluehost who told me that it was still infected and not able to be reactivated. This cycle happened a few more times, site still not restored.
That post is echoed by multiple people on Twitter, many of which are reporting that Bluehost said their sites were infected with malware and Sitelock (a Bluehost subsidiary) said the sites were clean.
Can any1 reach @bluehostsupport? Disabled my site citing malware.But SiteLock says I'm clean. No @bluehost chat or phone support responding.
— We Teach We Learn (@WTWLedu) September 23, 2016
@bluehostsupport My client's server has been deactivated for malware issues. Sitelock saying no malware found. No response from Bluehost
— Santanu Das (@meetsantanudas) September 20, 2016
@bluehost Can U pls reactivate my services now. Theres no malware as confirmed by ur rep. Reminds me of US tryin to fnd MD weapons in Iraq.
— Harshad Ghodke (@GhodkeHarshad) September 12, 2016
It’s not clear how many actually have a problem with malware, but what we can see is a worrisome pattern of Bluehost finding malware and then upselling its own malware removal service.
No matter whether there is a real problem with malware, that stinks to high heaven.
As someone who handles this kind of tech support issue at his other job, my recommendation is two-fold.
First, get a second opinion on the malware. A couple days back I wrote a post explaining how to use Sucuri to check whether your site was infected with malware.
If you were my client, this is one of the things I would be doing for you as part of a comprehensive maintenance checkup. I would install the Sucuri plugin and run its test, remove or update any vulverable plugins or software, and then hire Sucuri to fix any problems which I can’t solve on my own.
And once you’ve solved the immediate security issue,my long-term recommendation is that you move your website to another hosting company.
The simple fact is I have never seen a cluster of complaints like this before. Sure, sites get hacked all the time, but when we see a cluster of complaints we have to ask what all the sites have in common.
In this case, I think it is the hosting company.
I have read too many complaints about Bluehost. Their security has a terrible reputation, and I even know of a WordPress security plugin which was created specifically to deal with Bluehost’s security issues.
And so if you got one of those emails from Bluehost, it is time to migrate your website(s) to another hosting company.
If you need help, drop me a line.
If you want a recommendation, MediaTemple is good, but expensive. Reclaim Hosting is also good, but it’s focused on serving only the educational market.
Who is your hosting company? Would you recommend them?
image by aag_photos
Ed Bear September 28, 2016 um 3:08 pm
This sounds to me as if some too-clever-by-half executive at Bluehost was looking not just for a revenue stream but a revenue flash flood and came up with this scam.
Howard Harkness October 3, 2016 um 1:14 pm
BlueHost is now part of EIG (Endurance International Group, i.e., the Borg). I migrated away from HostGator when they were assimilated by EIG, and I have been very glad that I did. First thing I noticed about http://h2ha.com/d9hosting was that I could actually contact support and get turnaround on my questions in an hour or less. Second thing I noticed was that the performance was 5 to 10 times better, especially on backups. Third thing I noticed was that even though I was paying more for the basic reseller plan, I was getting other services for free that I used to pay extra for, so the total cost was actually slightly better than a wash.
Yup, I definitely recommend them. Actually, I would recommend almost any hosting company not owned by EIG.
David December 21, 2016 um 1:13 am
This month one of my friend got this nasty email and the websites with notices. Believe it, the email was dated as 2011. Getting people in to them and later hitting them?