An account can be suspended if HostPapa has been notified that it is currently hosting a malicious website seeking to extort personal information from third parties.
Malware: is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. https://en.wikipedia.org/wiki/Malware
Phishing: is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. http://en.wikipedia.org/wiki/Phishing
HostPapa is required to take direct action against websites hosting malware or phishing web pages, as described in HostPapa’s Terms of Service – Acceptable Use Policy (Section 6).
For more information, please review the terms of service for your region here: http://hostpapasupport.com/kb/hostpapa-terms-of-service/
How did this happen to you?
Hackers are continuously on the lookout for vulnerable websites to exploit for their personal gain. When they find security holes, they insert their own code into others’ websites as a way to promote their own illegal activities.
In the vast majority of cases where HostPapa receives malware/phishing complaints, our customers are using open source software and/or scripts (such as Joomla, WordPress, or Drupal) or plugins, themes, or forms that have not been updated with the latest security patches or updates.
What happens now?
Unfortunately, because your account and website have been compromised due to a security hole, your website files and hosting account must either be cleaned or completely deleted. If you have a good backup of your data, you can then restore your site. This is the only way in which to clear out potential issues that occurred during the exploit, such as files maliciously uploaded to your website folders (including viruses or malware).
In the case of a phishing attack, all files must be erased without exception. Phishing is an illegal activity, and any data collected by the phishing site must be confirmed deleted. Due to this, an account suspended for phishing cannot be un-suspended until the data is erased.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. For more information about Phishing, please see Wikipedia Article: https://en.wikipedia.org/wiki/Phishing
If you have a backup that was created using the Backup Wizard from cPanel:
Please let HostPapa Support know and we will provide FTP access for you to upload this file to your account. We will then be able to restore this backup on your behalf and determine if this solves the problem.
If you have a backup that was created using another method, or if you have a partial backup:
You will need to restore the backup yourself. Please let HostPapa Support know by indicating that you wish to restore your own backup and we will provide access for you to do so. Once complete, we will determine if this solves the problem.
If you have HostPapa’s Automated Website Backup Service:
You will still need to completely delete your hosting data or clean the site before using this service to restore your website. HostPapa’s Automated Website Backup is an incremental backup service, and may not overwrite or erase new files left by the hackers.
If you do NOT have a backup of your website, or if attempts to clean your site or restore backups have failed to rectify the problem:
Regrettably, your account will need to be completely reset. Doing so will result in the loss of ALL data, including website files, email addresses and databases.
Although we are not obliged to do so, HostPapa will provide a 30 day period for you to choose a course of action and complete any work required from your side. If this situation is not corrected to our satisfaction, we may have no alternative but to terminate your account. Termination will include the deletion of your website files, email addresses, databases, and all files and email history located on our servers. For further information, please refer to Section 10 of our Terms of Service.
For more information, please review the terms of service for your region here:
How can you secure your website in the future?
HostPapa’s servers are secure by design. The security level of your website depends on the code within it that you upload to our servers. HostPapa also offers SiteLock – which allows you to detect threats to your website and protect your website visitors. Additionally, we strongly recommend that you read our knowledgebase article that provides tips on how to secure your website against potential harm, including updating it with the latest security patches for the software programs and scripts that you may use on your site: Tips on how to improve your website security