HostGator Security Scans and Quarantines
HostGator completes weekly backups of all of our servers except Dedicated servers, per our backup policy. After the weekly backup is taken, we scan the files for any possible malicious file signatures. If any malicious files are located, these are then sent to a quarantine folder so that the files are not lost if legitimate, but are no longer visible online.
HostGator will send an email to the account owner with the details of what was found. The following is a copy of the email that is sent out if any malicious files are located:
During a scan of our servers, we identified malicious content in accounts under your control. We have quarantined the files listed below to prevent abuse. Please note that no services have been disabled, and no legitimate content has been affected by this action. However, it is possible that other malicious activity may have disrupted your services.
The most important things you can do to ensure the security of your account are to make sure your software (e.g. WordPress) is up-to-date, and that your passwords are strong. We strongly encourage you to change all of your account passwords and update all software as soon as possible to prevent any further compromises or abuse.
We understand that any risk to our network reputation is a risk to our customers' reputation, and so we take third-party reports of network abuse seriously. In order to protect our shared reputation, we may disable account services in the event of a third-party report of network abuse until we are confident that the account has been properly cleaned and secured. This email is to inform you of the content found by our proactive scans and is not the result of a third-party abuse report. No services have been disabled as a result of this discovery.
Additional information on HostGator's policies, and what activity is damaging to a network's reputation in general, is available in our knowledge base:
If you would like help in securing your account, we recommend SiteLock, which is a security service and partner of ours. They can be contacted at 844-631-8637. HostGator Security Department
To prevent further issues with malicious files, we recommend the following:
- Update any installed software on the server, such as WordPress or other PHP scripts.
- Run an Antivirus scan on any computers that have accessed the hosting package.
- Reset your cPanel password to a new secure password. Please see the following article on How to Request a New cPanel Password.
- Proactively protect against malware and vulnerabilities with a website security plan from our partners at SiteLock. For more information check out the SiteLock Website Security Special Offer.