We had a call from one of our clients yesterday – she told us that her hosting company shut down her website because it was hacked and told her that they can’t reactivate the website unless the website is cleaned up or unless she subscribes to a security plan that costs $99/month.
Our client ran a small business on a very old Joomla website (Joomla 1.5.26 because she couldn’t afford to migrate it to the latest version), and she didn’t want to pay the $99 every month, and so she called us and asked us if we can cleanup the website. Naturally, we asked her to ask her host to re-enable the website (they disabled the website from their end so we can’t just re-enable it) so that we can fix the problem. She called them immediately and asked them to re-enable the website (so that we can do the cleanup), but they told her that they can’t do that (because it’ll compromise their network), and that she must go with the (fake) monthly security plan to re-enable her website. Unfortunately, she did, and guess what, it turned out that the website wasn’t even hacked in the first place because the moment she agreed and purchased the monthly security plan they re-enabled her website (she was still on the phone when the re-enabled it).
We know some hosts out there are completely unethical, but this is breaking new lows: claiming that a website is hacked when it’s not and forcing the Joomla administrator to sign up for a security plan that does really nothing.
We did tell our client that she has to move her website somewhere else, but she said that she can’t afford any disturbance in her business at the moment, and that she has to acknowledge the $99/month as “the cost of running a business”.
If you’re put into this situation, then our only suggestion is to move to another host immediately. If you let them extort you once, then you give them no reason not to extort you again. If you need help moving your website to another host, then check this post or just contact us. We’ll move your Joomla website anywhere you want for no time and for a very affordable fee.
That’s ridiculous and the only way it can “impact their network” is if they don’t have sufficient security in the first place.
We host lots of 1.5.26 sites, with some additional patches developed after EOL. Also we’ll restore a full cPanel account backup, given that it comes from a trusted source, so you can retain email, forwarders, etc.