Blue Host Deactivating Accounts For Malware/Virus Violations

We hear that Blue Host have been deactivating a number of accounts in the last few days for malware/virus violations. Don’t panic. Here’s what to do.


Woman wearing maskIf this has happened to you, you probably received an email recently from Blue Host saying:

Your web hosting account for has been deactivated, as of date. (reason: terms of service violation – malware/virus)

This deactivation was due to a Terms of Service violation associated with your account. At sign-up, all users state that they have read through, understand, and agree to our terms. These terms are legal and binding.

Although your web site has been suspended, your data may still be available for up to 15 days from the date of deactivation; if you do not contact us during that 15 day period, your account and all of its files, databases, and emails may be deleted.

If you feel this deactivation was made in error, or in order to gain access to your account, please call our customer service line as soon as possible at (888) 401-4678.

Firstly don’t panic. It’s likely your site has been hacked and your files infected. Here’s what you need to do:

  • Give Blue Host a ring +1 888 401 4678 option 5 and tell them that they have deactivated your account and you think you’ve been hacked. Then they can help you. They will tell you to go to Sucuri’s site and download a file that will fix the issue.
  • The file is called wordpress-fix_php.txt. Download, then rename the file wordpress-fix.php.
  • Login on BlueHost to get to CPanel.
  • In CPanel scroll down to the Files section and open File Manager.
  • Upload the file to the public_html folder.
  • As your account has been deactivated you will have to ring them back and get them to run the file from the command line. Once started the fix-file will work through all your files. This can take over an hour depending on how many files there are, so make a coffee or pour a wine depending on how you are feeling at this point. From the CPanel Advanced setcion you can run Process Manager and monitor when it has finished.
  • Once finished ring Blue Host back +1 888 401 4678 option 5.
  • They will then do a check and if all is ok they will reactivate your account.
  • When you get your account back,
    • update your version of WordPress or whatever you are using,
    • change all of your login names and passwords,
    • delete any FTP accounts you don’t need, and change passwords on those you do. These actions are VITAL for your continued security.

There has been a lot on the web about BlueHost and other shared hosting services like GoDaddy with regard to these hack attacks. But whether it’s the software or the host to blame is not clear. If you continue to have a lot of problems you can always move hosts withour going the whole hog of also moving domains, until you are sure things are better. We have a sister site called The eLearning Host is working in collaboration with LiquidNet Ltd., a UK-based company (Registration No. 4654498), which is a pioneer in developing innovative online solutions. Thanks to this fruitful partnership, a joint network has been set up, accommodating more than 21 000 web hosting accounts and 53 000 domains. We can provide you with hosting starting from just US$3.25 a month. Give us a try?

Leave a Reply