HostGator Security Scans and Quarantines

HostGator completes weekly backups of all of our servers except Dedicated servers, per our backup policy. After the weekly backup is taken we scan the files for any possible malicious file signatures. If any malicious files are located these are then set to a quarantine folder so that the files are not lost if legitimate, but are no longer visible online

HostGator will send an email to the account owner with the details of what was found. The following is a copy of the email that is sent out if any malicious files are located:

During a scan of our servers we identified malicious content in accounts under your control. We have quarantined the files listed below to prevent abuse. Please note that no services have been disabled and no legitimate content has been affected by this action. However, it is possible that other malicious activity may have disrupted your services.

The most important things you can do to ensure the security of your account are to make sure your software (e.g WordPress) is up-to-date, and that your passwords are strong. We strongly encourage you to change all of your account passwords and update all software as soon as possible to prevent any further compromises or abuse.

We understand that any risk to our network reputation is a risk to our customers reputation and so we take third-party reports of network abuse seriously. In order to protect our shared reputation we may disable account services in the event of a third-party report of network abuse until we are confident that the account has been properly cleaned and secured. This email is to inform you of content found by our proactive scans, and is not the result of a third-party abuse report. No services have been disabled as a result of this discovery.

Additional information on HostGator's policies, and what activity is damaging to a network's reputation in general, is available in our knowledge base:

If you would like help in securing your account we recommend SiteLock, a security service and partner of ours. They can be contacted at 844-631-8637. HostGator Security Department

To prevent further issues with malicious files we recommend the following,

  1. Update any installed software on the server, such as Wordpress or other PHP scripts.
  2. Run an Antivirus scan on any computers that have accessed the hosting package.
  3. Reset your cPanel password to a new secure password. Please see the following article on how to update your cPanel password.
  4. Signing up for our SiteLock scanning malware service. For more information about SiteLock features and plans, please see the following article: SiteLock Special Offer.

If you believe the files we have quarantined are not malicious, please contact us via phone or Live Chat to have the files removed from quarantine.