How Bluehost Secured 1.6 Million Outdated WordPress sites

Bluehost is an officially recommended hosting company for the WordPress platform by In recent times, it also raised a lot of questions from experts around the globe regarding its contribution to the WordPress open source community. Even I had a similar question until, during 2015 State of the Word address, WordPress co-founded shared how Bluehost tackled their 1.6 million outdated WordPress installation.

State of the word 2015
  • Save

There are a lot of takeaways here for all the WordPress users & hosting companies. Also, it’s a vote of trust for existing Bluehost users.

Bluehost hosts about 2 million WordPress sites & in a recent audit they realize almost 80% i.e. 1.6 million WordPress installs are outdated. This is a major security risk & one of the major reason for WordPress sites on Bluehost being hacked. Needless to mention, a hacked site requires immediate support from hosting company which increases the running cost for the company & that also creates negative emotions on social media for any hosting company.

How Bluehost handled 1.6 million outdated WordPress installation?

To tackle this issue, Bluehost wrote a Perl script that uses WP-CLI to update all WordPress sites. What interesting here is, it also updated WordPress sites which are using completely outdated version. If you have ever tried updating WordPress from 1.X or 2.x to the latest  version, you would know it’s not as simple as regular WordPress update that we do.

Here is what Bluehost Perl script did which is also available to download as an open source tool on Github for other hosting companies.

  • The script first checked the status of all the WordPress site.
  • Then created a backup for all the site.
  • Runs all updates via WP-CLI
  • After updating is done, the script checked for any error such as a white screen of death.
  • If anything seems to be broken, the script automatically restored the site from the backup.

It took them about 1 month to update all the sites & they successfully updated 99% of the WordPress sites hosted on WordPress. Only 0.006% of updated sites faced the problem which was handled by Bluehost support team.

Bluehost epic WordPress updates
  • Save

Another interesting thing which you as a hosting company would like is; The technical support request related to WordPress went down by 18%. This was mainly due to the site become secure with the latest version of WordPress & plugin/theme compatibility issue have gone down. <Source>

Below you can find the slides from the State of the word 2015 presentation:

[Tweet “Twenty-five percent of the web runs on #WordPress”]

You can watch the complete presentation in the below video:

Subscribe on YouTube

If you are a hosting provider, you should take away the best part from this post. As WordPress powers 25% of the websites in the world, chances are; you might have a good number of users hosting WordPress based sites on your server. You should ensure that your customers are using the updated version of WordPress & if required, update the WordPress for your customers. I know of Siteground who also offers automatic updates for their WordPress customers. You can always use open source WordPress tools to roll out a mass scale backup/update/restore for your customers WordPress sites.

Bluehost has been an award-winning hosting for years & they also offer one free domain with any hosting plan. You can grab a discounted price for Bluehost using the below button.

Here are few of the best resources for Bluehost + WordPress from ShoutMeLoud:

Are you a hosting company? How are you handling the outdated WordPress installs in your company? If you are a Bluehost user, I would love to hear your feedback & experience with them.

Was this helpful?

Thanks for your feedback!
  • Save
Authored By
A Blogger, Author and a speaker! Harsh Agrawal is recognized as a leader in digital marketing and FinTech space. Fountainhead of ShoutMeLoud, and a Speaker at ASW, Hero Mindmine, Inorbit, IBM, India blockchain summit. Also, an award-winning blogger.

10 thoughts on “How Bluehost Secured 1.6 Million Outdated WordPress sites”

  1. Himadri Saha

    I personally use HostGator for my blog. I did not know this information about Bluehost. This is a huge step and smart move by Bluehost. Informative post Harsh.

  2. Nikhil

    I like this feature in bluehost. I got shared hosting from bluehost for my blog- It updates the wordpress each time when a new update comes into the list.

    1. Harsh Agrawal

      I assume your are tech savvy so for you it’s not a big deal but yet a useful feature. For those who are not tech savvy, for them this one is great! Thanks for your comment on all other posts too. Good to get your insights on the topics here at ShoutMeLoud.

  3. Husnain Haider Abbas

    Great work done by Bluehost.. Thumbs up!

  4. Maria

    Isnn’t Blue Host and HostGator owned by the same company?

    1. Phoebe

      EIG owns both. I used Hostgator for years and left some time ago and now use Namecheap hosting. I use it because I buy all of my domains there and it is extremely affordable vs BlueHost and Hostgator. I also have more control over the type of extensions to allow on my hosting and what versions scripts, memory etc…
      I had many hack attempts and none succeeded lol.

  5. Derek

    I’m using VPS hosting elsewhere but I like how BlueHost stepped up to the plate and made a very good business decision that will protect it’s current clients and future clients who wish to host with them in the future.

    So many WordPress admins don’t know how important it is to make sure your blog is on the latest version and the plugins they are using. Example after a few months after a big WordPress date I look at my plugins and see if they are still compatiable.. if not, I’ll find an alternative to use. I’ve been using WordPress for 7 years so I pick up on things as in maintaining a good secured blog always up-to-date.

    BlueHost is now protecting there clients and will continue to do so in the future. Let’s hope other hosting companies that are not as big as them to adopt this business practice in the future.

  6. Janmejai

    That’s a huge problem with hosting providers, most of the users ignore these updates and if something happens they blame the hosting providers in most of the cases.
    These problems have given rise to specialized hosting. However, every hosting provider should do something to handle this problem in a better way.

  7. Robin Khokhar

    Oh Great, but Bluehost only runs WordPress and can difficult to migrate our site to other CMS using the Bluehost.

    1. Harsh Agrawal

      Bluehost supports all other CMS & you can buy different servers from them including their latest offering: Cloud servers. So migration should not be a problem.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top