What to do when your hosting provider flags your website?

According to Forbes, on an average more than 30,000 websites get hacked every day. A hacked website brings your business to a stand-still. Your customers either see a hacked page, a warning by google or website under maintenance message when they visit your website. Something that no website owner wants! One needs to do a lot of back-n-forth with hosting provider and review website code to find the cause or can hire professionals to clean this mess.

The top causes of your website getting hacked can be:

  1. Unsecure website code
  2. Vulnerable plug-ins being used
  3. Un-patched vulnerabilities in the website
  4. Vulnerable servers

As you can see the top reasons for your website getting hacked are NOT concerning your hosting but your website code. In such situations, your hosting provider cannot help you. One simple reason for that is because your hosting provider can assure that the servers you are using are secure but the code of the website becomes your responsibility. And hackers, malware and other internet threats target the website code more than the servers. Hence, it becomes difficult for your hosting provider to fix this for you.

Reasons why hosting provider could have flagged your website

  • Malware detection: Each hosting provider run malware scanners on all the websites they host. If a malware scanner detects that your website has some malicious code then hosting providers often email you saying that your website is suspended.
  • Blacklisted code detected: Often there are libraries and functions which get blacklisted by search engines as they are known to be vulnerable and exploited by hackers. If your website is using such such code then it comes under the radar of bots/hackers leading to an easy target.

The only way to fix this and get your website up is to scan your website for malware, backdoors and also perform a security audit on your website. Or maybe hire professionals for the same who can help you clean this mess. Once that’s done, it is a good practice to have a website firewall in place. A website firewall assures 24×7 security for your website. I’ve been using Astra firewall which has worked quite well for me, here’s a quick look:

In a situation like this, the best is to:

  • Update your website CMSs
  • Make sure you use latest version of plug-ins
  • Analyze your website code for deprecated functions
  • Hackers often inject malware very subtle, a detailed review by professional is recommended!