This is a tale of woe, and more so because I’m with the dreaded lurgy. I’ll keep it brief:
My sites have been hosted with Bluehost for more than 10 years. In that time, I’ve paid the company several thousand dollars to have a couple of crappy blogs online, as well as to provide hosting for websites belonging to my mother, my father-in-law, a cousin of my wife and the odd friend from time to time. For a very small amount of traffic, I had paid Bluehost quite a lot of money. I think it was good business for them.
A couple of years back, Bluehost was bought by EIG, a hosting company which has become enormous by buying loads of other hosting companies in the last few years. This is when things started to go wrong. One day, hackers targeted my site (probably by means of a corrupted WordPress plugin), it was hacked and malicious files propagated across various WordPress installations.
There isn’t, you see, a way of preventing this.
Except there is!
The long and short of it is that Bluehost fails to provide industry-standard security for their hosting packages, preferring to charge $50+ per website (upwards of $400 a year for me in total) to prevent hacking attacks.
Partly as a result of this Bluehost then shut down all of my hosting and informed me that I had to remove the malicious files to get the sites back online. I did so. But a few months later, the sites were hacked and suspended once again. This time I removed the files that Bluehost told me about, only to be informed that “This is just a sample of the infected files, you’ll need to go through every file in your hosting, line by line, to be sure”.
There isn’t, you see, a tool to fix this.
Except there is!
Bluehost just wanted to charge me hundreds of dollars to remove the malicious files. After dealing with their customer service several times, including via Twitter, it became obvious that Bluehost was unwilling to help a longstanding client with an industry-standard solution. So after languishing in limbo for several months, I have managed to obtain my database files (again, no help from Bluehost who have made backing up WordPress sites a premium service, meaning I had to use phpMyAdmin, which fortunately I know how to use but many other users would obviously have just paid at this point or before).
No company is perfect, of course, but when a company starts to charge more for basic services or ignore its longstanding clients, it’s time to move on. I’ve moved to MDDHosting, which seems to be a decent outfit. The other sites previously hosted at Bluehost will shortly come online here, hopefully with their content fully intact. I still need to add in the old images for this site, restore categories and tags, etc, but that’s pretty simple work.
So hello again, and fuck you very much, Bluehost. Thank you. I’m back, baby!