dumitru
Well-known member
OK, so I decided to share this amazingly frustrating and infuriating experience that I'm going through right now with HostGator, a hosting provider. Some of you might be their customers. It is a longer read, but what happens is actually frightening.
So here's the deal. I've been a HostGator customer for ~10 years. Currently I have 2 accounts with them, for one I pay $110 / year, for another I pay $648 / year, that is $760 total per year for hosting (yes).
Today at 5:17 PM (my time) I get a long email from them informing me that my cheaper account has been suspended for distributing malware. As a developer that's always an alarming thing to happen, as I immediately assume that all my credentials have been compromised across all platforms.
I check my domains associated with this account and, sure thing, all 10 domains (with ~7,000 daily visitors combined) show a parked page (with ads earning money for HostGator).
So I immediately jump back to the email to read what happened, what files were compromised and how to proceed. And that's when Thor's hammer hits me.
Now that 5 hours have passed since my domains are suspended (and their support is even slower than Ben Carson), I was able to put together the timeline of what happened:
1. On 29th of January 2016 (more than 3 weeks ago) a German website that sells "website security services" sends a made-up abuse letter to the Abuse department of HostGator, informing them in a very spammy-worded letter and with bad grammar, that their automated scanner revealed that my domain name "PERHAPS" contains some malware, even though they are not sure. And this third-party German company thinks that HostGator SHOULD NOT disable my account but MAYBE should inform me that MAYBE my domain has some issues. And that I should hire this third-party German service to make an audit of my website.
The letter contains zero information about the alleged malware, about the location, about the file, type of malware, etc. 100% SPAM/SCAM letter.
2. On 23th of February 2016 (today), HostGator suspends my account and simply forwards me the letter from the German company, and adds the following statement at the top of the email:
In order to remove the restrictions we'™ve placed, you must resolve the security issue and remove what malicious content was listed. If you do not believe you can do so on your own, you may use a reputable third-party security service, such as SiteLock, who can be reached directly at 877-563-2849. Please note that repeated reports of malicious content on your account within 60 days of an initial notice will lead to further action being taken, including permanent suspension after failing to professionally clean the account.
Once you have taken steps to secure your account of the reported content, please reply back to this ticket to request review.
This "reputable" third-party security service that they are referring to, SiteLock, is a partner of HostGator and they have been aggressively pushing it on a lot of pages and in multiple support pages. This service costs an extra ~$2-3 / month and basically does what any hosting provider should do by default for their customers - protect their websites from unauthorized access.
HOWEVER, if your website has already been reported as compromised (which mine has), then SiteLock does a clean-up job for a $200 one-time fee.
In the email latter HostGator provided ZERO information about the issue: they can't say what has been compromised, they can't say where the malware is located, they can't say absolutely anything. You know why? Because there is no malware.
Google Webmaster Tools does not report any issues, and usually they are the first ones to catch any mischievous actions.
3. I immediately contacted HostGator live chat, and after about 20 minutes of talking to the support rep I was told that the support rep cannot do a thing, that he has zero access and knowledge of the issue, and that I should do as told - hire SiteLock.
Then I took the issue to Twitter, where HostGator immediately responded about 5-6 times, and in every single tweet all they could say is along these lines: "We don't know what happened, but you should pay SiteLock the $200 and then they will do the job for us".
They also repeatedly told me to scan my website, which I did of course, and there's absolutely nothing there. No recently modified files, nothing.
4. While doing the Twitter thing I also asked some questions and updated the alleged malware support ticket that they created. It has been 5 hours and nothing happened yet.
[h2]
In conclusion: [/h2]
HostGator pushes the services of their partner SiteLock by hijacking and blackmailing their customers into paying the $200 clean-up fee and by signing up with SiteLock for the monthly payments. They do this by creating fictional abuse malware reports or by using them in their own interests.
And if they don't create the abuse reports themselves, they simply suspend any account that gets even fictional and spammy abuse reports. They don't investigate, they don't review, they simply suspend and try to sell a third-party service. And the funny thing is that in their letter to me informing about malware, they also CC'ed it to the email address of SiteLock. So what they also did was share confidential information about their customer with a third-party service, without me wanting that, asking for that or anything else.
The same issue has been reported in the last couple of months here and here.
I'm telling you all of this so that you know to never trust even your hosting companies, whoever they are. Because in an attempt to grab some easy money, they can hijack your websites for made-up reasons and "suggest" using partner services.
Tomorrow I will file whatever complaints that I can with the US and European consumer protection agencies, as this is simply appalling.
Thank you for listening ^_^
So here's the deal. I've been a HostGator customer for ~10 years. Currently I have 2 accounts with them, for one I pay $110 / year, for another I pay $648 / year, that is $760 total per year for hosting (yes).
Today at 5:17 PM (my time) I get a long email from them informing me that my cheaper account has been suspended for distributing malware. As a developer that's always an alarming thing to happen, as I immediately assume that all my credentials have been compromised across all platforms.
I check my domains associated with this account and, sure thing, all 10 domains (with ~7,000 daily visitors combined) show a parked page (with ads earning money for HostGator).
So I immediately jump back to the email to read what happened, what files were compromised and how to proceed. And that's when Thor's hammer hits me.
Now that 5 hours have passed since my domains are suspended (and their support is even slower than Ben Carson), I was able to put together the timeline of what happened:
1. On 29th of January 2016 (more than 3 weeks ago) a German website that sells "website security services" sends a made-up abuse letter to the Abuse department of HostGator, informing them in a very spammy-worded letter and with bad grammar, that their automated scanner revealed that my domain name "PERHAPS" contains some malware, even though they are not sure. And this third-party German company thinks that HostGator SHOULD NOT disable my account but MAYBE should inform me that MAYBE my domain has some issues. And that I should hire this third-party German service to make an audit of my website.
The letter contains zero information about the alleged malware, about the location, about the file, type of malware, etc. 100% SPAM/SCAM letter.
2. On 23th of February 2016 (today), HostGator suspends my account and simply forwards me the letter from the German company, and adds the following statement at the top of the email:
In order to remove the restrictions we'™ve placed, you must resolve the security issue and remove what malicious content was listed. If you do not believe you can do so on your own, you may use a reputable third-party security service, such as SiteLock, who can be reached directly at 877-563-2849. Please note that repeated reports of malicious content on your account within 60 days of an initial notice will lead to further action being taken, including permanent suspension after failing to professionally clean the account.
Once you have taken steps to secure your account of the reported content, please reply back to this ticket to request review.
This "reputable" third-party security service that they are referring to, SiteLock, is a partner of HostGator and they have been aggressively pushing it on a lot of pages and in multiple support pages. This service costs an extra ~$2-3 / month and basically does what any hosting provider should do by default for their customers - protect their websites from unauthorized access.
HOWEVER, if your website has already been reported as compromised (which mine has), then SiteLock does a clean-up job for a $200 one-time fee.
In the email latter HostGator provided ZERO information about the issue: they can't say what has been compromised, they can't say where the malware is located, they can't say absolutely anything. You know why? Because there is no malware.
Google Webmaster Tools does not report any issues, and usually they are the first ones to catch any mischievous actions.
3. I immediately contacted HostGator live chat, and after about 20 minutes of talking to the support rep I was told that the support rep cannot do a thing, that he has zero access and knowledge of the issue, and that I should do as told - hire SiteLock.
Then I took the issue to Twitter, where HostGator immediately responded about 5-6 times, and in every single tweet all they could say is along these lines: "We don't know what happened, but you should pay SiteLock the $200 and then they will do the job for us".
They also repeatedly told me to scan my website, which I did of course, and there's absolutely nothing there. No recently modified files, nothing.
4. While doing the Twitter thing I also asked some questions and updated the alleged malware support ticket that they created. It has been 5 hours and nothing happened yet.
[h2]
In conclusion: [/h2]
HostGator pushes the services of their partner SiteLock by hijacking and blackmailing their customers into paying the $200 clean-up fee and by signing up with SiteLock for the monthly payments. They do this by creating fictional abuse malware reports or by using them in their own interests.
And if they don't create the abuse reports themselves, they simply suspend any account that gets even fictional and spammy abuse reports. They don't investigate, they don't review, they simply suspend and try to sell a third-party service. And the funny thing is that in their letter to me informing about malware, they also CC'ed it to the email address of SiteLock. So what they also did was share confidential information about their customer with a third-party service, without me wanting that, asking for that or anything else.
The same issue has been reported in the last couple of months here and here.
I'm telling you all of this so that you know to never trust even your hosting companies, whoever they are. Because in an attempt to grab some easy money, they can hijack your websites for made-up reasons and "suggest" using partner services.
Tomorrow I will file whatever complaints that I can with the US and European consumer protection agencies, as this is simply appalling.
Thank you for listening ^_^
![Bed & Breakfast Tracker Plus [Download]](https://m.media-amazon.com/images/I/51m1WPxMV7L._SL500_.jpg)
![Bed & Breakfast Tracker Plus for Mac [Download]](https://m.media-amazon.com/images/I/51iSnnH5vmL._SL500_.jpg)
