It starts with a sinking feeling. You click your own website link — or worse, a customer messages you saying they can't access it — and you're met with a blank screen, a browser error, or an ominous "This site can't be reached." Your immediate reaction is panic, and that's completely normal.
But before you do anything drastic, take one breath and do this first: verify whether your website is down for everyone or just you. Visit downforeveryoneorjustme.com, type in your domain, and hit Enter. If it says "It's not just you — the site is down for everyone," you have a real outage on your hands. If it says "It's just you," the issue is likely local — your browser cache, your ISP's DNS resolver, or your network.
For local issues, try clearing your browser cache (Ctrl + Shift + Delete), switching to a different browser, or loading the site on your phone using mobile data instead of Wi-Fi. If the site loads on your phone, your local network or DNS cache is the culprit and a simple flush will sort it out (ipconfig /flushdns on Windows, sudo dscacheutil -flushcache on macOS).
If the site really is down for everyone, however, you need to diagnose the root cause systematically. Below are the 12 most common reasons websites go offline — and exactly how to fix each one.
Cause 1
Server Downtime or Overload
This is the most common culprit behind sudden, unexplained outages. Your website lives on a physical (or virtual) server, and when that server goes down — whether because of a hardware failure, a software crash, or simply being overwhelmed with traffic — your site goes with it.
What actually happens: When a server is overloaded, it struggles to handle incoming requests. Instead of serving your pages, it starts queuing requests, then dropping them entirely, returning errors like 503 Service Unavailable or timing out with no response at all. This is especially brutal on cheap shared hosting environments where hundreds of websites share the same physical CPU and RAM. When one site on the server gets a traffic spike — maybe they went viral — everyone else suffers too.
How to check: Log into your hosting control panel and look for a server status page. Most providers also have a public status page (e.g., status.yourhost.com). You can also set up a free account on UptimeRobot which pings your site every 5 minutes and sends you an instant email or SMS when it goes down — so you're not the last to know.
The real fix: Short-term, you can contact your host's support team and ask them to investigate server-level issues. Long-term, this problem points to an infrastructure issue with your hosting plan. Cheap shared hosting simply isn't built for reliability under load.
💡 Hosterlo's solution: Hosterlo web hosting runs on enterprise-grade NVMe SSD storage with LiteSpeed Web Server technology — a combination that processes requests up to 9x faster than traditional Apache-based hosting and handles traffic spikes gracefully without crashing. You're not sharing resources with hundreds of random sites.
Cause 2
DNS Propagation Issues
If you've recently moved your website to a new hosting provider, changed your nameservers, or updated any DNS records, you may be experiencing what's called a DNS propagation delay — and this is one of the most confusing types of "downtime" because the problem isn't your server at all.
How DNS works: Every domain name is mapped to an IP address via DNS (Domain Name System). These records are cached by resolvers (your ISP's DNS servers, Google's DNS, Cloudflare's DNS, etc.) for a period of time called the TTL (Time To Live). If you change your nameservers or A records, the old cached values continue to direct some visitors to the old server — while others who hit a fresh resolver see the new one. This inconsistency creates a window where some people can access your site and others get errors or blank pages.
How long does propagation take? Typically 24 to 48 hours for full global propagation, though many changes reflect within a few hours for most users. If your TTL was set very high (e.g., 86400 seconds = 24 hours) before the change, you're in for a longer wait.
How to check propagation status: Use whatsmydns.net — enter your domain and select which record type you changed (A, CNAME, NS). It shows you the resolved value from dozens of servers around the world, so you can see exactly how far propagation has reached.
You can also verify locally from your terminal:
- Windows:
nslookup yourdomain.com - Mac/Linux:
dig yourdomain.comordig yourdomain.com @8.8.8.8(to query Google's DNS specifically)
Fix: If propagation is in progress, there's no way to rush it — you simply have to wait. However, you can reduce future propagation delays by lowering your TTL to 300 seconds (5 minutes) before you plan to make DNS changes. That way, cached records expire quickly and the transition is much smoother.
Cause 3
Expired Domain Name
This one is embarrassingly common, and it can happen to anyone — even large companies. If your domain registration expires and you don't renew it in time, your domain stops resolving. Visitors who type your URL into their browser get either a registrar parking page, a generic error, or — in the worst case — your domain gets snapped up by a domain squatter before you can reclaim it.
Most domain registrars send renewal reminder emails 30, 15, and 7 days before expiry. But if those emails land in spam, or you've changed email addresses since registration, you might miss them entirely.
How to check your domain's expiry date: Do a WHOIS lookup. Visit lookup.icann.org or simply Google "WHOIS [yourdomain.com]". Look for the Registry Expiry Date or Expiration Date field. If it's in the past — that's your problem.
Fix: Log into your domain registrar's control panel immediately and renew the domain. Most registrars give you a grace period of 30–45 days after expiry during which you can still renew (sometimes for a slightly higher fee). After the grace period comes the "Redemption Period" — renewing becomes very expensive. After that, the domain is deleted and available to the public.
The absolute best prevention is to enable auto-renew on all your domains and keep a valid payment method on file. If you need a reliable place to manage your domains going forward, Hosterlo's domain registration service includes auto-renew by default and expiry alerts sent directly to your account dashboard — no more missed renewals.
⚠️ Warning: Never let a business-critical domain lapse into the redemption period. Recovery fees can be $100–$300 or more, depending on the registrar and TLD.
Cause 4
Expired or Invalid SSL Certificate
Modern browsers are brutal about SSL. If your SSL/TLS certificate has expired, is misconfigured, or covers the wrong domain, Chrome, Firefox, and Edge will block visitors with a bright red warning screen: "Your connection is not private" or "NET::ERR_CERT_DATE_INVALID." While your site technically isn't "down" — the server is responding — it might as well be, because most visitors will hit the back button immediately rather than click through the warning.
Common SSL problems include:
- Certificate expiry (Let's Encrypt certificates expire every 90 days if not auto-renewed)
- Mismatched domain (certificate issued for
www.yourdomain.combut accessed atyourdomain.com, or vice versa) - Mixed content errors (your site loads via HTTPS but pulls in HTTP resources — images, scripts)
- Incomplete certificate chain (intermediate certificates missing)
How to diagnose: Use SSL Labs' free SSL test — it gives you a detailed grade and pinpoints exactly what's wrong. Check your certificate's expiry date directly in your browser by clicking the padlock icon → "Certificate."
Fix: If your certificate has expired, reissue it via your hosting control panel (under SSL/TLS settings in cPanel). If you're using Let's Encrypt, most control panels have a one-click reissue button. Then set up auto-renew so it never expires again.
💡 All Hosterlo web hosting plans come with free SSL certificates that auto-renew silently in the background — you never have to think about it. No manual renewal, no expiry warnings, no red browser screens.
Cause 5
.htaccess Errors
The .htaccess file is a powerful Apache configuration file that controls URL redirects, access rules, PHP settings, and much more. It's also one of the easiest files to accidentally break — a single misplaced character, an unclosed bracket, or an invalid directive will cause a 500 Internal Server Error for your entire site.
This typically happens after:
- Installing or updating a WordPress plugin that modifies
.htaccess - Manually editing the file to add redirects or security rules
- Migrating from a different server environment (some directives valid on one host aren't valid on another)
- A security plugin running an overly aggressive rule
How to fix it:
- Log into your hosting account's File Manager (in cPanel) or connect via FTP/SFTP.
- Navigate to your website's root directory (usually
public_html). - Find the
.htaccessfile. (Make sure "Show Hidden Files" is enabled — it starts with a dot, so it may be hidden by default.) - Rename it to
.htaccess_oldor.htaccess_backup. This effectively disables it. - Reload your site. If it loads now, the
.htaccesswas the problem. - For WordPress sites, go to Settings → Permalinks in wp-admin and click "Save Changes" — WordPress will auto-generate a clean, valid
.htaccessfile. - If you had custom rules in the old file, add them back one section at a time, testing after each addition to find the bad line.
💡 A minimal, safe WordPress .htaccess file looks like this:
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
Cause 6
Database Connection Errors
If you run a WordPress site (or any CMS that relies on a database), you may have seen the dreaded white screen with the message: "Error establishing a database connection." This means your site's application cannot communicate with its MySQL database — and without that connection, nothing renders.
The most common reasons this happens:
- Wrong credentials in wp-config.php: The database name, username, password, or host in your WordPress configuration file doesn't match what's set up in your hosting account. This often happens after a migration.
- MySQL service down: The database server itself crashed or was restarted. This is a server-level issue your host needs to address.
- Max connections reached: Your MySQL installation has a connection limit. If too many concurrent scripts are trying to connect simultaneously, new ones are refused. This is common on shared hosting with low connection limits.
- Corrupted database tables: Occasionally, a WordPress table becomes corrupted (especially after a crash during a write operation). This can prevent the whole site from loading.
Fix — Step by step:
- Open your
wp-config.phpfile (in your site's root via File Manager or FTP). - Verify that
DB_NAME,DB_USER,DB_PASSWORD, andDB_HOSTare correct. Cross-reference with your hosting panel's MySQL Databases section. - If credentials are correct, log into phpMyAdmin via cPanel and check if your database tables are listed. Select all tables and run "Repair Table" from the dropdown — this fixes most corruption issues.
- If MySQL isn't accessible at all, contact your host — the database service may need to be restarted.
Cause 7
PHP Version Mismatch
WordPress plugins, themes, and even WordPress core itself require specific PHP versions to function correctly. If your hosting account is running an outdated PHP version that's no longer supported by your software — or if you recently upgraded PHP to a version that's too new for an old plugin — you'll likely encounter a blank white screen, a fatal error, or a 500 error.
For example, many legacy plugins written for PHP 7.x will throw fatal errors on PHP 8.2 because they use deprecated functions. Conversely, if your hosting account is stuck on PHP 5.6, you'll have security vulnerabilities and compatibility problems with any modern plugin.
How to check and switch your PHP version in cPanel:
- Log into cPanel and look for "MultiPHP Manager" or "PHP Selector."
- Find your domain and check which PHP version it's currently assigned.
- Try switching to the version recommended by WordPress (currently PHP 8.1 or 8.2 for most modern setups).
- If switching up breaks things, try switching down one minor version (e.g., from 8.2 to 8.1) and test again.
- Once stable, identify and update or replace the incompatible plugin/theme.
You can also check for PHP errors directly: enable debug mode in WordPress by adding define('WP_DEBUG', true); and define('WP_DEBUG_LOG', true); to wp-config.php. Then check the wp-content/debug.log file for detailed error messages pointing to the problematic plugin or function.
Cause 8
DDoS Attack
A Distributed Denial of Service (DDoS) attack is when malicious actors flood your server with enormous volumes of fake traffic — sometimes hundreds of thousands or millions of requests per second — with the sole intent of overwhelming your server resources and knocking your site offline for legitimate visitors.
Signs you're under DDoS attack:
- Your site went down suddenly with no code changes and no server maintenance
- Server CPU and bandwidth usage spiked to 100% instantly
- Your hosting provider sends you an abuse/overuse notification
- Traffic logs show thousands of requests per second from hundreds of different IP addresses with no referrer
- The attack pattern is often cyclical — site comes back for a few minutes, then crashes again
What to do:
- Contact your host immediately. Enterprise hosting providers have network-level DDoS mitigation tools that can filter attack traffic before it even reaches your server.
- Enable Cloudflare's "Under Attack Mode." If your site is proxied through Cloudflare, activate this mode from your Cloudflare dashboard — it adds a JavaScript challenge to every visitor and blocks bots automatically.
- Rate limiting: Configure your server or Cloudflare to limit the number of requests any single IP can make per minute.
- Geo-blocking: If the attack traffic is concentrated from specific countries, temporarily block those regions.
💡 Hosterlo's infrastructure includes enterprise-grade DDoS protection at the network layer. Learn more about our global data center network and how we keep your site protected 24/7.
Cause 9
Bandwidth or Storage Limit Hit
Most hosting plans come with defined resource limits: a monthly bandwidth allowance (the total data transferred to and from your site) and a disk storage quota. On some budget plans, hitting either of these limits doesn't just result in extra charges — it results in your site being automatically suspended or returning errors until the next billing cycle.
How this plays out: Your site runs fine for three weeks of the month, traffic picks up (maybe a viral post, a press mention, or a sales campaign), and then boom — you hit your bandwidth cap and your host throws up a "Account Bandwidth Limit Exceeded" page instead of your actual website.
How to check: Log into cPanel → look at the "Bandwidth" stat in the quick stats panel. Some hosts also have a dedicated Bandwidth Manager showing daily and monthly usage graphs. For disk space, check the "Disk Usage" section.
Fix:
- Contact your host and ask for a temporary bandwidth extension or upgrade your plan immediately.
- Compress and optimize images on your site — unoptimized images are the #1 cause of runaway bandwidth usage.
- Enable Cloudflare as a CDN — it caches your static assets and serves them directly to visitors without consuming your server's bandwidth.
- Review your server access logs to identify any unusually large files being downloaded repeatedly (bots scraping your site, for instance).
If bandwidth and storage limits are a recurring headache, it's worth upgrading to a plan that gives you room to breathe. Hosterlo's shared hosting plans come with generous resource allocations designed for real-world traffic — not the artificially throttled limits you find on rock-bottom hosts.
Cause 10
Corrupted WordPress Core Files
WordPress core files can become corrupted in a few different ways: a botched update, a malware infection that overwrote or deleted core files, a failed migration, or even a server crash during a file write operation. When core files are corrupted, WordPress simply cannot function — you'll typically see a white screen of death, partial page loads, or 500 errors.
How to tell if it's corrupted core files vs. a plugin: If deactivating all plugins (by renaming the /wp-content/plugins/ folder to /wp-content/plugins_off/ via FTP) still doesn't fix the error, the problem is likely in core files, your theme, or a database issue.
Fix — Reinstall WordPress core (without losing your content):
- Download a fresh copy of WordPress from wordpress.org/download/.
- Unzip it on your local computer.
- Delete the
wp-contentfolder from the fresh copy — do not upload this, as it contains your themes, plugins, and uploads. - Upload all remaining files from the fresh WordPress package to your server via FTP, overwriting the existing files.
- Your database, content, and
wp-config.phpremain untouched. Only the core PHP files are replaced.
Malware scans: If you suspect a hack, run a malware scan immediately using Wordfence, MalCare, or your hosting panel's built-in malware scanner. Change all passwords (FTP, cPanel, WordPress admin, database) after cleaning. Daily backups are your absolute best insurance against this scenario — if you have a clean backup from yesterday, a restore takes minutes instead of hours of forensic work.
Cause 11
CDN or Cloudflare Misconfiguration
Content Delivery Networks (CDNs) like Cloudflare are incredibly powerful for performance and security — but they introduce an additional layer between your visitor and your server, and misconfigurations at that layer can make your site completely inaccessible even when your server itself is perfectly healthy.
Common Cloudflare misconfigurations that cause downtime:
- SSL/TLS mode mismatch: This is the big one. If your server has a self-signed SSL certificate (or no SSL) and Cloudflare is set to "Full (Strict)" mode, Cloudflare will refuse to connect and return a 526 Invalid SSL Certificate or 525 SSL Handshake Failed error. Set Cloudflare's SSL mode to match your server: use "Flexible" if your server has no SSL, "Full" for a self-signed certificate, and "Full (Strict)" only for a valid CA-signed certificate.
- Orange cloud vs. grey cloud: If a DNS record is set to "DNS only" (grey cloud) instead of "Proxied" (orange cloud), Cloudflare isn't caching or protecting it. Conversely, records that should be DNS-only (like MX records for email) should never be proxied.
- Stale cached content: Cloudflare aggressively caches your site. After a major update or fix, visitors may still see the broken cached version. Fix by going to Cloudflare dashboard → Caching → Configuration → Purge Everything.
- Firewall rules blocking legitimate traffic: Overly aggressive Cloudflare firewall rules or "Bot Fight Mode" can block legitimate visitors, crawlers, and even your own admin access.
Fix checklist: Verify your SSL/TLS mode, check that your A record points to the correct server IP with orange cloud enabled, purge your cache after any changes, and review your firewall rules in the Cloudflare Security tab.
Cause 12
Hosting Account Suspended
Account suspension is a sharp and immediate cause of downtime — and it's one that many site owners don't see coming. Your hosting provider can suspend your account for a variety of reasons, and the result is usually a generic suspension page served to all your visitors instead of your actual site.
The most common reasons for suspension include:
- Billing failure: Your payment method on file expired, declined, or was charged back. If the renewal invoice goes unpaid past the grace period, suspension is automatic. This is by far the most common reason.
- Terms of Service violations: Hosting a phishing page, sending bulk spam email, using excessive server resources in violation of fair use policies, or hosting illegal content will get you suspended — usually without warning.
- Malware detected: If your site is infected and actively spreading malware or participating in a botnet, your host will suspend the account to protect other users on the same server.
- DMCA complaint: If copyrighted content is hosted on your account and the rights holder files a complaint, your host may be legally obligated to suspend the infringing content or the entire account.
Fix: Log into your hosting billing portal and check for any outstanding invoices or notifications. If it's a billing issue, update your payment method and settle the balance — most hosts reactivate suspended accounts within minutes of payment clearing. If it's a TOS violation, you'll need to submit a support ticket, understand what violated the policy, remediate the issue, and formally request reactivation.
To prevent billing-related suspensions going forward: always keep an up-to-date payment method on file, set up account payment alerts, and consider paying annually rather than monthly — fewer renewal cycles means fewer opportunities for a payment to slip through the cracks.
How to Stay Online 99.99% of the Time: A Prevention Playbook
Now that you understand the 12 most common causes of website downtime, let's talk about how to prevent them proactively — because in the world of online business, prevention is infinitely cheaper than recovery.
1. Use Uptime Monitoring
Don't wait for a customer to tell you your site is down. Set up a free monitoring service like UptimeRobot, Freshping, or Better Uptime. These tools ping your site every 1–5 minutes and send you an instant alert via email, SMS, or Slack the moment it goes down. You'll know in seconds, not hours.
2. Choose Hosting With a Real Uptime SLA
Not all hosting providers are created equal. A "99.9% uptime guarantee" sounds impressive until you do the math — it allows for over 8 hours of downtime per year. Hosterlo web hosting backs its Business plans with a 99.99% uptime SLA, which translates to less than 53 minutes of total downtime per year — and that's the contractual commitment, not a marketing claim.
3. Enable Daily Automated Backups
Backups won't prevent downtime, but they're your fastest path to recovery when something goes wrong. A daily backup means that even in a worst-case scenario — malware, corrupted files, accidental deletion — you're restoring from a snapshot that's at most 24 hours old, not scrambling to rebuild from scratch. Make sure your host stores backups offsite (not just on the same server as your site).
4. Keep Everything Updated
WordPress core, plugins, and themes should always be on their latest stable versions. Most security vulnerabilities exploited by hackers are in outdated software. Enable auto-updates for minor WordPress releases, and review plugin updates weekly. Before major updates, back up your site first.
5. Auto-Renew Everything
Enable auto-renew on your domain registration and hosting plan. Keep your payment information current. Set calendar reminders 30 days before any annual renewal. The two-minute setup of auto-renew can save you from days of downtime and the nightmare of recovering a lapsed domain.
6. Use a CDN
A CDN (Content Delivery Network) like Cloudflare caches your site's content on servers around the globe. This reduces load on your origin server, speeds up page loads for international visitors, and in some configurations can serve cached pages even if your origin server goes momentarily offline — effectively making your site resilient to brief outages.
🎁 Hosterlo's free Website Growth Kit — included with annual plans — bundles together premium uptime monitoring, daily backup tools, SSL management, and performance optimization resources so you get all of this protection without piecing it together yourself.
Frequently Asked Questions
How do I check if my website is really down for everyone?
Visit downforeveryoneorjustme.com and enter your URL. If it says "It's not just you!", your site is globally unreachable. You can also use tools like isitdownrightnow.com or UptimeRobot for continuous monitoring. Checking from a different network or device — such as your mobile data connection instead of your Wi-Fi — also confirms whether it's a local caching issue or a real, worldwide outage.
How long does DNS propagation take?
DNS propagation typically takes between 24 and 48 hours to fully complete worldwide, although many users may see changes within a few hours. The speed depends on the TTL (Time To Live) values set on your DNS records before the change was made — lower TTLs mean faster propagation. You can track propagation progress in real time using whatsmydns.net, which shows you how your DNS records appear from dozens of servers around the globe.
What causes a 500 Internal Server Error?
A 500 Internal Server Error is most commonly caused by a misconfigured .htaccess file, a PHP syntax error in a plugin or theme, incompatible or corrupted plugins, exhausted PHP memory limits, or incorrect file permissions. Start by checking your server error logs (found in cPanel under "Errors"), then rename your .htaccess file to test if that's the culprit. Deactivating plugins by renaming the plugins folder via FTP is another common fix for WordPress sites. If the problem persists, check that your PHP version is compatible with your installed plugins and themes.
Does Hosterlo have a 99.99% uptime guarantee?
Yes. Hosterlo's Business and higher-tier hosting plans include a 99.99% uptime SLA backed by enterprise NVMe infrastructure, redundant power systems, and global load balancing. Unlike budget shared hosting providers that cram hundreds of sites onto a single underpowered server, Hosterlo uses LiteSpeed Web Servers and proactive 24/7 monitoring to prevent outages before they affect your visitors. That's less than 53 minutes of downtime per year — contractually guaranteed.
Never Worry About Downtime Again — Switch to Hosterlo
Join thousands of businesses that trust Hosterlo's enterprise NVMe infrastructure, 99.99% uptime SLA, free SSL auto-renewal, daily backups, and 24/7 expert support. Your site stays online. Period.
30-day money-back guarantee · Free migration · No setup fees