I’ve long recommended Bluehost as my first-level recommendation for web hosting. However, I can no longer do so. Here’s why.
You’ve probably noticed that a lot of bloggers out there recommend Bluehost. Why is that?
Well, they’re popular. They’re affordable. And they pay a respectable commission.
That last part really is the key, I believe. There are a lot of bloggers out there who will recommend Bluehost simply because of the commission. And typically, web hosting companies pay pretty good commissions.
Being in the position I am in here, I always need to have a “go to” recommendation for web hosting. But, it has been a little bit of an odd thing for me.
My first rule of any product recommendation has always been: I don’t recommend anything I haven’t used myself.
The web hosting that I am currently using for this website is WPEngine. If I had my way, I’d have all of my new blog owners sign up for hosting at WPEngine. I think they’re a great company, has support among the best I’ve ever worked with in my 17 years in the business, and their WordPress-specific features (like one-click staging site) is just freakin’ awesome.
So, if you want to go for what I think is your best bet, you’d use WPEngine. (although, wait get to the end of this post as it could change your mind)
That said, I realize that many in my audience will find WPEngine too expensive. With plans starting at $29/month, it can be a bit of a buzz kill for a blogger who is bootstrapping. The ol’ motto of “you get what you pay for” remains true, but it doesn’t sting any less.
So, for quite some time, my “go to” recommendation has been Bluehost. It falls within the budget of a bootstrapping new blogger and that’s important.
It also happens to satisfy the rule I have. I do currently still have something hosted with Bluehost.
Plus, Bluehost is affordable. They can adapt to you as you grow. They fit the bill very well for many new and upcoming blog owners getting established with their business. And to be clear, I will continue to hold Bluehost as a viable option.
That said, I’ve cooled off on it. And I think I need to explain why.
It Started “Over There”, Then It Happened To Me…
For the last year or so (give or take), I was hearing rumblings of issues over at Bluehost. I’d see conversations about sites getting hacked over and over again, people getting fed up and moving elsewhere.
I also have people I know who don’t like Bluehost. One friend of mine who does custom sites for clients and he tells me to stay far away from Bluehost, based on his experience.
The story is that Bluehost is part of a larger conglomerate that also includes Hostgator and many other companies. That parent company is Endurance International Group, or EIG. They own a number of subsidiary brands, including Bluehost, Hostgator, Constant Contact, Domain.com, Dotster, iPage, JustHost and many others. When EIG took over Bluehost, the rumors are that the quality of service dropped.
For me, those rumors were always “over there”. I heard some of these rumors through the grapevine but I hadn’t experienced any of it myself.
But, then I did.
I woke up one morning to find that the site that I have hosted with Bluehost had been hacked.
The hackers clearly didn’t have any bad intentions toward me. This was just to show they could. They littered my account with a bunch of oddball files and they dropped a text file into every directory to claim the credit and name their group. I actually think they look at it as a public service to show security vulnerabilities by hacking. My site was up and running fine – they didn’t damage anything. They simply littered up the file system with bogus files.
So, first issue is that they were able to do that quite easily. I highly doubt they singled me out. This site isn’t even a public site that I host over there. It is an internal system. So, this was clearly a broad mass hack taking advantage of an insecure hosting environment on shared hosting.
The second issue, however, is how Bluehost handled it.
I wish I had the emails to show, but I don’t. Essentially, I contacted Bluehost support to tell them my account had been hacked. I pointed out that they had injected the file system with a bunch of files, and I pointed out one of the files as an example.
The response from Bluehost was essentially to delete that ONE file (leaving all the rest)… then told me it was handled. There was literally ZERO comment about how they were able to get into the server to begin with. When I emailed back to tell them this, the response was just to tell me to update my software.
What struck me about all this was:
- The support person was clearly not experienced, and the job was simply to close the support ticket.
- It was as if there was zero concern at all that their system just got hacked.
- The support person didn’t actually read my email. I’m a pretty techie person, so I was pretty specific in what I saw had happened. So, for the response to be to delete one file and call it a day, I was surprised at the lack of attention.
After all that, I got a survey for me to rate my satisfaction with their support. Found that funny, really, seeing as they had closed my ticket and the situation was not resolved.
So, this experience definitely had me questioning Bluehost.
How can I, in good conscience, continue to recommend Bluehost as my first-level hosting recommendation to new people when they clearly have an insecure hosting environment (at least on their cheaper shared plans) and don’t even care that that’s the case?
So, Does Bluehost Suck Now?
Well, not sure I’d go that far. Certainly, there are still many people using Bluehost who are satisfied.
You get a lot for your money with Bluehost. It has been mostly just fine for what I’m using it for. I paid Bluehost about $142 for 3 years of hosting, which works out to $3.95/month. I mean, it is cheaper than dirt so it is what it is.
However, Bluehost is a company which makes money in volume. I think their support people may very well be overseas and I don’t think they’re super-experienced. Bluehost is just fine as long as things keep working. And I’m sure there are stories out there of good support from Bluehost. I never really had a problem with them until this hacking incident. To be clear, though, I never contacted Bluehost support until this incident, so from my perspective, this is a 1-to-1 ratio of incompetence.
Some other bloggers may continue to recommend Bluehost and ignore this issue because, well, the affiliate commissions are good. And there are a fair amount of bloggers who make good money pimping Bluehost – some more than others.
But, I can’t continue to recommend as my first recommendation a company which personally disappointed me.
My New First-Level Recommendation: SiteGround
I have been aware of SiteGround for quite some time, but it was just one of the many hosts in the mix. Didn’t pay it any attention.
But, it began to spring up in conversations more often. I’d see social media threads of people complaining about Bluehost and said they’ve had good luck moving to Siteground.
Then, it began to happen inside the Blog Monetization Lab itself. Several of my Lab members moved to SiteGround (before I ever recommended it) and were very happy with it.
Then, one day I got approached by the affiliate manager for SiteGround. No surprise there, as affiliate marketing is a huge way hosts promote themselves. I had a conversation with him (over email) about why SiteGround is better than Bluehost. He even explained to me why he thinks SiteGround is a better solution that WPEngine, which he knew I liked.
The bullet points were this:
- He believes WPEngine charges a premium for a level of service which doesn’t justify the cost. SiteGround offers similar managed WordPress hosting for less.
- They run an effecient operation, with a very heavily systematized business. This allows them to keep costs down for higher levels of service.
- The platform they used to manage their systems is tried and true and the development costs for it are in the past, which means they don’t have to pass the cost onto customers.
- He believes that WPEngine’s pricing is more about going after that perception of “high end hosting”, but in reality the hosting isn’t much different than the managed WP hosting of its competitors
- They have aggressive hiring and training practices for their support staff.
- They provide free website transfers from other hosts.
- Free domains for LIFE.
- Their managed hosting for WordPress doesn’t limit you to WordPress, which means you can run other software, too. That’s an advantage.
So, I was impressed. I know he was selling his company (that’s his job), but he was making good points.
But, to back all this up, I was seeing great reviews and experiences from Siteground customers – even from inside my own Lab community. That says alot.
My ONLY problem here was my own personal rule about not recommending something I haven’t personally used. And, as of this time, I do not currently have a SiteGround account.
I will be fixing that issue in due time. 🙂 My Bluehost account is pre-paid for a bit and I have had other priorities than moving what’s over there, but I will very likely be moving off Bluehost and switching it to SiteGround.
I also have a little side blog I just started (more on that later, perhaps). It is currently with WPEngine, however I’m going to move it to Siteground as my test of their managed WP hosting.
I do, of course, now have an affiliate relationship with SiteGround. I’m a businessman, so that’s obvious. 🙂 But, I hope I’ve made clear here that I take my product recommendations seriously around here. I don’t promote anything just for a commission. I do it based on what I think is truly their best option for where they’re at.
In fact, I’m taking a commission hit by switching my primary recommendation. I don’t currently make as much per signup as a Siteground affiliate as I do with Bluehost. However, there’s a matter of consistency and, well… karma.
I cannot, in good conscience, continue to recommend to all my readers to get a Bluehost account. If I personally got hacked, was disappointed in how they handled it, and am thinking of leaving, then how can I recommend it to others?
I think SiteGround is just a better option.
And while I still like WPEngine, I’d be a fool not to admit that SiteGround can provide what looks to be the same level of service for much less than WPEngine. I haven’t tested it yet, but I will be and I will update you on my findings.
So, here’s the deal…
- Get treated well. 🙂
- Get WPEngine-style hosting for much less monthly
- They’ll move your site from your current host for free
- You’ll get a free domain – FOR LIFE.
SiteGround will now be listed as my main hosting recommendation on my Resources page. And now, you know why. 🙂