(the version on this site has been updated to correct some minor typos, and to clarify a few points–to read the original click the link above.)
NOTE: Bluehost customer service / sales chat reps are mostly useless… I have through a series of very frustrating chats with Bluehost support / sales reps, accidentally discovered a rep that is actually helpful: always ask for “Braxton”.
on that note, if anyone finds another helpful rep at Bluehost in any department, please post a comment below.
Several of our clients host with Bluehost. Are they the same as having your own Dedicated or VPS server? NO. They are a commodity level SHARED hosting company.
Does Bluehost work well for MOST WordPress sites? YES — if you have reasonable expectations, and are a responsible website owner…
Ask yourself these questions:
- Am I using a “shared hosting business pro” account, a “cloud site performance” account, or a “cloud site business pro” account? (and not one of the lower level cheapo accounts)
- Do I realize that these accounts at Bluehost are SHARED hosting?
- Do I have a development/testing/debugging server that I can transfer hacked sites to so I can clean them up?
- Do I clean up my broken site BEFORE asking the hosting company to re-enable my account? — cuz you know, it would be like totally jerk-faced of me to expect all of the other accounts on that shared server to suffer from my irresponsibility.
- Am I hosting only one (1) site in my hosting account, if my site is high traffic?
- Am I using a unique username, and not “admin” as my wp-admin username?
- Am I using the free “WordFence” plugin?
- Is “WordFence” set to automatically update itself?
- Am I using the free “Sucuri” Plugin?
- Do all of my WordPress Database tables start with something other than “wp_”?
- Do I keep WordPress core up to date?
- Do I keep all of my installed plugins up to date?
- Do I keep all of my installed themes up to date?
- Do I run daily security audits on my site? – or do I wait until my site has become a problem for all of the other accounts on the SHARED Server that I run on?
- Do I make daily backups of my site to a cloud backup service (Amazon / Dropbox / etc / etc)?
- Do I make understand PHP (and WordPress Core) well enough to find security holes in Plugins, WordPress Core, and all installed Themes? or do I at least pay a developer that does understand PHP (and WordPress Core) to handle this for me?
- Do I submit proposed security patches to the Plugin Vendors, WordPress Core, and the Theme Vendors? — and implement them in my own site.
- Did I use the FREE Sucuri Plugin to “Harden” my WordPress installation?
- Is SSH enabled in my hosting account?
- Do I understand Linux and SSH well enough to find NON WordPress based compromises in my Site?
- Do I know what to do about them when I find them?
- Do I understand how to use .htaccess to prevent direct code execution in my wp-includes, wp-content and uploads folders? (as well as whatever other folders various plugins create that need to be secured)
- Do I read the change-logs before I update anything?
- Do I login to my admin dashboard every day to check for updates?
- Am I using Plugins or Themes that cannot be updated (because I DON’T HAVE A VALID LICENSE)?
- Does someone else do these for me? — and do I understand that it is NOT a hosting company’s job to do this for me?
- Do I realize that is it MY responsibility to maintain and take care of my website? (many blame the hosting company – weird don’t you think — to shirk one’s responsibilities and pass the buck to someone that really has nothing to do with it — that’d be like a Vegan complaining that their Rare Steak wasn’t cooked enough.. makes no sense whatsoever)
- etc.. etc..
If the answer to any of these questions is NO, then use wordpress.com and stop using the open source community version of WordPress. or Hire someone to do these things for you.
Bluehost is no more insecure than any other commodity level SHARED hosting company. Bluehost only shuts down sites that are problematic for their other customers. (why in the world do people think they can be the only one on the whole planet that is entitled to use any server resources when they are paying less than $20/mo for hosting?)
EVERY OTHER SHARED HOSTING COMPANY SHUTS DOWN SITES THAT ARE BAD TOO.
IT IS NOT YOUR HOSTING COMPANY’S RESPONSIBILITY TO MAINTAIN YOUR WEBSITE. IT IS *YOUR* RESPONSIBILITY TO EITHER MAINTAIN IT, OR HIRE SOMEONE ELSE TO.
There you have it.. My two cents.
And NO, I don’t work for Bluehost. And yes I have several clients at other commodity level SHARED hosting providers. And yes I have several clients with their own VPS / Dedicated server. And Yes I have a few clients that host on their own network of multiple servers.
And YES their sites do get compromised sometimes. And YES they or I fix them. We never ask the hosting provider to do our job.
FYI.. If you are gonna get a bluehost account, get the “business pro” account. (unless you don’t plan on having any traffic or plugins installed.)
Thanks for the comment. Collin’s my son’s name so you’ve clearly got a good thing going there. We actually don’t say Bluehost sucks in our article anywhere. We do comment on how support and reliability have slipped, but even beyond that, this article is a lot more about WordPress.org saying it’s one of the “best and brightest” of the hosting world, which just hasn’t been the case in our experience. Appreciate you stopping by. Don’t be a stranger!
My Response to his Reply
Thanks for the reply.. Perhaps I could have been more clear.. For what WordPress is (and for that matter is not), Bluehost is one of the “best and brightest” SHARED hosting solutions there is for WordPress — mainly because everything else in that realm of hosting is pretty much the same REHL / Cpanel hosting. That said, and more for clarification purposes, if you read the end of my reply you will notice that I have many clients that do not use Bluehost (some have needs that far outweigh the possibilities of Bluehost).
I’d like to clarify a few things, but before I do… perhaps a bit of my background:
13 Years as a Unix / Linux Systems Administrator – with emphasis on Web Hosting, specifically PHP / Apache (or Nginx, and a few others) / MySQL
4 Years as a Visualization / Cloud / Cluster Hosting Engineer – with emphasis on Xen, Proxmox, CEPH, MooseFS, etc.
18 Years as a PHP / MySQL Developer.
5 Years developing WordPress plugins and Themes.
So.. to be very succinct and hopefully a lot more clear…
1. Bluehost is just as good as every other SHARED hosting provider for WordPress (and honestly better than most).
2. The reason most people have issues hosting on Bluehost is that they themselves have not done their part to maintain their websites.
3. The reason Bluehost (and all of the other SHARED hosting providers) shut down accounts (sometimes without notice) is to protect the integrity of the server itself.
3-a. If i lock someone out of my house, it is because I don’t want them causing me problems.
4. If someone has a bad experience hosting WordPress on Bluehost — and that someone doesn’t correct their negligence of their website – the WILL HAVE A BAD EXPERIENCE WITH EVERY SHARED HOSTING PROVIDER.
5. If SHARED hosting isn’t enough for someone’s WordPress site, there are other alternatives.
5-a. SHARED hosting IS enough for MOST WordPress installs, and Bluehost’s specific server setup is among the best of all SHARED hosting providers. (I have personally toured their data center, discussed technical things with their management and their server technicians, as well as with their network engineers.) I have also done this with several other hosting providers. Bluehost – thus far has the best, most stable, and most extendable (without network downtime) setup of all SHARED hosting providers that I’ve extensively looked into.
5-a. I did all that to make sure I was making an informed decision when making a hosting recommendation to my clients.
6. So Bluehost supports WordPress with some kickbacks.. That does not negate their network and setup.
7. Bluehost just recently (late spring 2015 through mid Summer) finished installing a whole load of new, top-level servers for their SHARED hosting customers.
8. I never said that you (or any commentators for that matter) said anything to indicate that Bluehost Sucks — didn’t even use the word Suck or Sucks at all. [Ctrl] + F … for “Suck”
9. Some commentators did actually say that they suck. Well they don’t. Irresponsible webmasters suck.
10. I really was replying more towards the irresponsible webmasters on this thread that B/Flame Bluehost for their own lack of responsibility towards their own website.
Non-the-less, I like your site, and I do appreciate your article.
And to all readers out there… WP Site Care offers these: http://www.wpsitecare.com/plans/
** No I am not an “affiliate” or otherwise related to WP Site Care ** (I just wish people would take some level of responsibility for their website — or hire someone that can)
So, if you don’t want to, don’t know how, or simply can’t take the time to maintain your WordPress site (wherever/however you host it) there is a solution for you… http://www.wpsitecare.com/plans/
Another thought… Saying that Bluehost isn’t among the best in their class of hosting without touring their data center, and interviewing (face-to-face) their staff/management/techs/engineers seems contemplative at best. Actually I thank you for that. People should contemplate these things. (Yes, I realize that this entire paragraph is an assumption on my part… so please correct my assumption if it is unfounded.)
And, the final thought.. Your son has an excellent name — he will grow up to be a well-rounded genius, liked by all. I am sure of it. 😉
My best regards,
ps.. Other good hosting providers:
Godaddy (If you can get past their egregious terms of srevice)
Aplus.net was good a few years back.. (not sure now, it’s been a while since I investigated them)
p.ps.. My personal experience with “WordPress” optimized hosting has NOT been good, they all seem to have caching problems, and are prohibitive to a whole lot of common and very useful plugins.. like, for example: Woocommerce.