My Account was Hacked!

If you are the victim of a hacker, immediately submit a ticket to our Security department and our experts will investigate and remove this hack correctly.

HostGator offers one complimentary account scanning/cleaning per six month period when you open a Security ticket, per the following schedule:

Shared: Customers may request one free cleaning per account every six months.

Reseller: Customers may request one free cleaning per each resold and reseller account every six months.

VPS/Dedi: Customers may request one free cleaning per each account on the server every six months AND may request one full server scan every six months.

If this service is required more than once within a six month period, there will be a premium involved. Alternatively, you may use a third party cleaning service such as SiteLock.

In the meantime, it is vital that you avoid logging in or making any changes to the files/folders on the account so the necessary time stamps stay in place and the investigation proceeds as smoothly as possible. Our Security team will notify you via email once the investigation has been completed.

Note: Only Security Administrators can help you with abuse issues and hackers. Please submit or reply to the Security email for updates.

Hacked Account: What to Look For

In all cases, we recommend some sort of professional service; however, If this option is not available to you, you may wish to consider removing files or directories which have been recently added and you do not recognize as part of your site. Things to look for include:

  • Strangely named files or directories (i.e: xf8c3l.php or /home/username/public_html/wellsfargo)
  • PHP files located in image folders
  • Base64 or other encrypted injections inside of site files which can be removed using file editors.
If a Google malware page was reported, please refer to the following article for details on how to remove the warning after the account has been cleaned: