Many providers of “low-cost” shared web hosting like Hostpapa advertise “unlimited bandwidth” — but it’s a scam, and you could end up with your website shut down and back-up functions blocked unless you pay higher fees. Don’t get burned. Learn from my experience.
In 2018-19, the web hosting provider Hostpapa started slowing down (“throttling”) my website, and then suddenly without notice shut my site down completely until I paid higher fees. This seemed like a scam. I investigated and discovered that’s exactly what it was – and I was far from Hostpapa’s only victim. In this post, I summarize what I learned about this profitable scam aspect of Hostpapa’s regular business operations. I do it in a way that is understandable for non-technical people, and I then suggest key questions to ask before signing up with any “cheap” web hosting provider like Hostpapa.

Hostpapa gets generally good reviews. Learning #1: You cannot trust most reviews of web hosting providers. Search engines return “Reviews of…”, “Top ten…” and “Best…” lists very high in search results, so there are massive profits in posting such lists and reviews. Most reviews of the “best web hosting providers” are put together by a person or company that’s typically getting paid by the web hosting companies every time a visitor clicks through to the companies’ websites, and is paid more if the visitor signs up. So if a top-ten list gives a very bad review, it’s usually just because that particular company has no such “affiliate programs” with scam reviewers. (Reviews done by established, independent tech magazines are a better bet.)
I signed up for Hostpapa’s medium, “unlimited bandwidth,” shared web hosting plan that said they would “never charge higher usage fees” – so what could go wrong?

One day out of the blue I received an automated message from Hostpapa telling me that my website had been using up so much server resources that Hostpapa had shut my website down. I could not even access my website to manage it. The email said that I could regain access to my site if I started paying monthly fees that were ten times more than what I was currently paying.

Most people without technical knowledge probably just pay the higher fees. What choice do you have? But I had a little technical knowledge and a lot of suspicion. My WordPress blog on Hostpapa was small, and the traffic was very light. I contacted Hostpapa and explained this and reminded them I was on an “unlimited bandwidth” plan that said I’d “never be charged higher usage fees”.
Hostpapa staff said my “unlimited” plan wasn’t actually unlimited. They said the “bandwidth” was unlimited but not the “server usage”. Learning #2: The commonly advertised feature of “unlimited bandwidth” for shared web hosting plans is misleading.
For non-technical users, “bandwidth” can be understood as the width of a pipe, while “server usage”, is the amount of liquid your website sends back and forth through the pipe. Hostpapa sent me a link to their policy that described extremely tight, strict limits on “server usage” – the number of monthly drops my website was allowed to send through the pipe to web users. But this policy was never mentioned in Hostpapa’s ads or Terms of Service.

I persuaded Hostpapa to let me back into my website, and I tried to ensure that I had a backup of the content. However, Hostpapa was still throttling my website so heavily that, no matter what back-up tool I used, it would time out.
Hostpapa then sent me a list of technical tips to “correct the problems” that were causing my “excessive server usage.” I had to spend many hours researching to figure out how to implement them. I finally managed to implement them all — and it made absolutely no difference. Hostpapa shut my website down again.
Hostpapa then admitted to me that it was often the case that implementing their technical tips did not actually solve the problems. The real problem, their staff explained, was that WordPress has become so popular that it’s now a frequent target of hackers and malicious web-bots. These hackers and web-bots were overloading my website. And even running WordPress firewalls and plugins like “Stop Bad Bots” doesn’t help a lot — they help secure your site, to be sure, but they do not actually block the bad traffic from ever arriving. Bad traffic can only be blocked at the server level, by the web hosting provider.
So why can’t Hostpapa just block these malicious web-bots? Well, they could. If they wanted to. And that’s exactly what responsible web hosting providers do, I soon discovered. But Hostpapa doesn’t. Instead, Hostpapa lets many web-bots through, and then throttles their clients’ websites and shuts them down and sends out demands for higher fees. And then Hostpapa has set up an entire division of its staff dedicated to moving people with small WordPress sites off low-cost hosting plans onto higher-priced plans – this scam is a major part of their profit model.
Consider a comparison: About 90% of emails circulating on the internet are spam. Imagine if an internet service provider refused to run spam-blockers and instead let all spam emails through to its clients and then charged its clients higher fees for all the extra email server space they were using each day. This is basically Hostpapa’s policy and practice in relation to malicious web-bots – and they can get away with it because most of their individual and small-business clients on low-cost plans don’t have the technical knowledge to understand what’s going on.
I repeatedly asked to be allowed to talk to a supervisor or manager at Hostpapa, but my requests were refused.
I persuaded the Advertising Standards Council to investigate and they eventually concluded that Hostpapa was indeed engaged in false and misleading advertising.

In response to the findings of the Advertising Standards Council and another complaint I made through the Better Business Bureau, Hostpapa finally changed their advertising and Terms of Service to clarify that they will under certain conditions throttle websites, shut them down and charge higher fees (see their new ad below). However, the wording in their ad and Terms of Service “Disruptive Uses” section still make it sound like this will only ever happen if “you” engage in “abusive” activities or if “you” use “unusual” amounts of server space. Hostpapa has refused to clarify that, in fact, your site could be throttled and shut down when you’re simply a victim of common web-bots that Hostpapa itself could be blocking.

I will never do business with Hostpapa again — I’ve found other web hosting providers that are nearly as low-cost and I’ve had no problems. So here are some key questions to ask a provider if you are considering signing up for a shared web hosting plan:
- Do they block most web-bots that attack WordPress sites, or is that left to the client to do?
- What are their ACTUAL server usage limits?
- Do they throttle client websites?
- Do they shut down client websites without notice?
- Do they demand higher fees if a site crosses the server usage limits?
I’ve posted this just to be helpful to other people, not to make money. If you’ve found this post helpful, please post a link to it somewhere so that others are more likely to find it when they do searches. (And/or please leave a comment — if you don’t see my “Comments” section below, click on the title of this post and it should appear.)
UPDATE July 2020: Since I originally wrote this post I have not continued to research other web hosting providers, and for various unrelated reasons my “list” of recommended, alternative, better providers has slowly whittled down to just one provider. I’m happy to email this recommendation to you if you ask in a comment. However, my main recommendation is to contact providers with the questions I’ve identified above — that way, you let them know that people are wising up to this kind of scam and looking for alternatives, and you get providers’ policies in writing. When you find a good one, feel free to let me know via email (I don’t want to turn the comments thread into a long list of “ads” for providers) and perhaps we can crowdsource a longer list again. Also, I encourage everyone having problems with Hostpapa to post a complaint to the Better Business Bureau summarizing this scam. If there are a lot of public complaints about this, others will hear about it — and who knows, Hostpapa might even change… You can go through a formal complaint process with the BBB, or simply post a comment here: https://www.bbb.org/ca/on/oakville/profile/web-hosting/hostpapa-inc-0107-1241393/customer-reviews
It pains me to read this. Same story here. Used LunarPages for years with no issues and then they sold to HostPapa. Now every two months there is some over usage of resources and we need to upgrade. But it’s simply an I/O fault once a month when a backup runs. Their resource usage limits are laughably low.
I would love to know what vendor you recommend using. Thanks!
Wow, so many of the same stories… I am also one of them. Was with Lunarpages for years with no issues, but HP has given me the run around a few times. I have a small, personal blog and do know a little bit about the backend of things, but I’ve been super-frustrated with their “you need to figure out what’s going on with your blog”-attitude. Shouldn’t their tech support not at least be able to tell me when something is wrong, let alone fix it?
Thanks so much for bringing this to light. People need to know about this. And I’d love to hear your recommendation. I’ve looked at a few hosting companies but have been able to figure out which way to go. What’s a reasonable monthly/yearly fee for a small blog these days?
Hostpapa have other ways of scamming you. If you have a payment method stored with them they will automatically charge against it for any invoices. If you delete the payment method (in my case a credit card) they only soft delete it. I found that out when I had to add the card again and it wouldn’t allow me as it was already saved.
I’m now down to only having my domain name with them and have just now started to have problems with it. I can’t change any of the DNS settings as they blocked access to the control panel. To make changes I have to contact customer support. This resulted in a bunch of emails from them where they wany to know answers to so called security questions before they will make changes! These are questions I have never used in setting up an account – such as “middle name of my oldest child”. I don’t have a child! I can only assume that the support person is trying to harvest security data in order to hack my other accounts.
I am now trying to transfer my domain to another host. This has it’s own problems as I again need to contact their support and will probably run into the same BS.
If yu do have an up to date list of hosts that provide a better serice I’d love to have it!
I had two different accounts with HostPapa for two websites.
Site 1:
I had to shut down the first website so I turned off autorenewal and deleted the Credit Card information in the case. My credit card got expired before website renewal and was renewed with the same number but a different CVV number and they don’t have the new CVV number.
Guess what! HostPapa charged my card $695 for 3 years and sent me an invoice. Luckily they reversed transactions when I disputed how can they charge my CC for which they don’t have the latest info?
Site 2:
I am doing some SEO work on my website. Every time I run Google’s recommended PageSpeed Insight tool to check my website performance I see Resource High Usage in my Cpanel with the Number of Processes exceeding the limit of 40 processes which goes above 150 and sometimes close to 200.
Limits are also exceeded whenever I update plugins and upload/deleted video assets from the media library and they send me emails asking me to buy their VPS server plan which is not my requirement depending on the size and activity on my website.
Please share any recommendations to get another good Host.
Thanks