My WordPress Site Is Down: Why It’s Down and What to Do

When your WordPress site goes down, it can be a very stressful and confusing experience, especially if you’re new to WordPress development and don’t know why it could have happened or what you can do to bring it back up.

Downtime is a major problem that can make you lose revenue and affect your site’s reputation, so we should all take it seriously. This article will be an introduction to why your site might have gone down and what you can do to fix it and prevent it from going down again.

Key takeaways

Sites go down for many reasons, usually related to reaching web hosting resource limits, plugin or theme incompatibilities, web host downtime, and security breaches.
You can bring your site back up by restoring a previous backup, deactivating conflicting plugins or themes, setting a new PHP memory limit, installing a firewall, upgrading your hosting plan, or switching hosting providers.

Confirm Your Site Is Down for Everyone

Assuming you’re not facing any internet connection issues, the first thing to do if you can’t access your admin area or your live website is to confirm the problem affects every user visiting your site, not just you.

This is easy to check with an online tool such as Is It Down Right Now?, Down.com, Website Planet’s Down or Not tool, and IsItWP’s Uptime Status Checker. Alternatively, if you have a WordPress.com site, visit Automattic Status and check whether WordPress.com’s domain is down.

Otherwise, let’s use IsItWP’s tool. You can use whichever tool you prefer. This is just an example.

Visit the site and enter your site’s URL in the search bar. Click the Analyze Website button.

You will see the following screen if your site is up for everyone. Check your site again to see if it was only a momentary outage.

If the site is up but you still can’t access it, try clearing your browser’s cache and trying again.

It’s also possible for a site to be temporarily unavailable for specific regions, especially if you’re using a content delivery network (CDN) to provide speedy access across various geographically spread-out servers.

However, if you get a negative response, there’s a good chance your site is down regionally or even worldwide. Keep reading to know the most common reasons your site is down and what you can do to bring it up again.

8 Common Reasons Why Your WordPress Site Might Be Down

Once you’ve confirmed your site is down for other people and not just you, it’s important to understand the most common reasons why before moving to troubleshooting.

Common Reason #1: You’ve Reached a Hosting Cap

WordPress hosting plans have various space, traffic, and bandwidth limits to manage the resource usage of all websites within the same hosting environment. Managing resources ensures server stability, and exceeding the limits established by your plan may lead to unavailability or lower website performance.

These limits vary depending on the hosting provider and plan, but typically include:

Disk Space. The total storage allocated for your website’s files, including media, themes, and plugins. Most plans offer a specific amount of disk space with an option to upgrade.
Bandwidth. The amount of data your website and its visitors can exchange over a specific period. Most plans set a monthly bandwidth limit, with options to upgrade if you exceed this limit.
CPU usage. CPU limits determine the amount of processing power your website can use. Limits exist so all websites within the same environment get enough resources to service their visitors.
RAM. RAM is the short-term memory applications use to store and access data. Your RAM limits affect the speed and efficiency of data processing.
User traffic. The maximum number of visitors that can access your website simultaneously without affecting server performance.

Exceeding these limits leads to performance issues or outright unavailability. For example, high CPU usage leads to slow website performance, and increased RAM usage can lead to a “503 Service Unavailable” error, indicating that your site cannot handle more traffic at that moment.

Check with your hosting provider to determine whether you exceeded any of the plan’s limits. If you did, and that’s what caused your site to go down, you may want to consider upgrading your plan.

Common Reason #2: Your Hosting Plan Expired

If your hosting plan expires, your website will go down, but you should still be able to access your hosting provider’s control panel. Since every provider has a different interface, you should look for an option that reads “Account Information” or something similar. Your hosting plan’s expiry date should be there.

You should follow your web host’s renewal process if your plan has expired.

Common Reason #3: Your Domain Expired

Alternatively, your hosting plan could be up, but your domain has expired. To check if your domain is still valid, use an online tool like Domain.com’s WHOIS or What’s My DNS’s Expiry Checker.

Simply paste your website’s URL into the search bar and click Search or Look Up.

If the expiration date has passed and you didn’t renew it, the results should tell you that the domain is currently available.

If the domain you purchased for your site is available, you should use a domain name registrar to buy it again.

Common Reason #4: Plugins or Themes Broke Your Site

Plugins and themes are a major reason WordPress is so popular, but you must be very careful when installing and activating them.

When they aren’t compatible with your current WordPress version, its settings, or each other, they can make your website go down, suffer severe performance or accessibility issues, display the “white screen of death,” and more.

The main reasons WordPress sites go down due to plugins or themes are the following:

Memory exhaustion. Heavy plugins, like builders and security plugins, can exhaust your PHP memory limit, leading to site crashes.
Conflicts with the core files. The core files are the files that come with every WordPress installation. Outdated or poorly-coded plugins or themes may introduce code that conflicts with core features.
Plugin conflicts. Plugins can also conflict with each other when trying to perform similar functions, interfering with each other and causing your site to malfunction.
Auto-updates. Auto-updates can sometimes cause conflicts between plugins when they try to execute conflicting commands.
Malware infection. A plugin or theme may have a security vulnerability that bad actors like hackers can exploit to inject malicious software (malware) into your site. In fact, most WordPress security vulnerabilities come from plugins and, to a lesser degree, from themes and core files.

Common Reason #5: Your Hosting Service is Down

It’s also possible for your web host’s entire service to be down due to various reasons, such as:

Technical failures like server hardware malfunctions, software bugs, or network infrastructure issues.
Scheduled maintenance activities, software updates, or configuration changes, which can inadvertently cause downtime if not properly managed.
Cyberattacks, including distributed denial-of-service (DDoS) attacks or other security breaches.
Scalability bottlenecks. When a provider’s infrastructure struggles to handle sudden large-scale traffic spikes, the high demand can result in temporary service degradation or downtime.
Less commonly, environmental factors like power outages, natural disasters, or accidents at data centers.

Communicating with your web host whenever you experience downtime is a good idea to determine whether the issues are on their side. Even if they aren’t, it helps you rule out possibilities.

Common Reason #6: Your Site Experienced a Sudden Traffic Spike

A sudden spike in visitors to your WordPress site can easily overwhelm your hosting server’s resources, leading to slow response times or complete crashes. More specifically, this happens when you receive an amount of traffic that exceeds your hosting plan’s caps, creating bottlenecks in processing requests.

Your site may receive traffic spikes due to viral content, media coverage, marketing campaigns, product launches, or SEO improvements.

Common Reason #7: Your Latest WordPress Update Is Incompatible with a Plugin or Theme

As mentioned earlier, plugin and theme incompatibilities can degrade website performance or crash it. However, in some cases, your plugins and themes can work perfectly fine until you update WordPress to the newest version.

Since WordPress constantly evolves and most theme and plugin developers work independently from the official WordPress development team, not all plugins and themes may receive prompt updates to make them compatible with the latest WordPress version.

Common incompatibilities that appear after a WordPress update include:

Code execution conflicts.
Issues caused by caching plugins changing the order of script loading, which may break certain dynamic functions like forms and menus.
Outdated code that doesn’t mix well with the changes brought by the new WordPress version. If you’ve been using a plugin that was last updated 1 or 2 years ago, it may have outdated PHP syntax and almost certainly has security vulnerabilities, so it’s time to find an alternative.

If your site only crashed after an update, checking for incompatibilities with plugins and themes is a good place to start since this is such a common problem.

Common Reason #8: Your Site Suffered a Security Breach

Unfortunately, due to its popularity in the content management system (CMS) market, WordPress is a common target for hackers looking to steal confidential data or extort money from website owners.

In fact, in 2021, approximately 4.3% of WordPress websites scanned with the security scanner SiteCheck suffered infections (hacks). That’s around 1 out of every 25 WordPress sites.

Many of these security breaches are subtle and can remain undetected for months or years, but others impact performance immediately. For example, a denial-of-service attack can result in sudden performance drops because hackers are overwhelming your server with excessive connection requests.

In addition to worse performance, other signs that your site’s been hacked are:

Malicious links. Hackers with backdoor access to your site may add malicious links to your footer or any other part of your site.
Your front page is entirely different. If you suffer a defacement attack, hackers change your homepage to announce the hack, often asking for ransom.
You can’t log in. Attackers may have changed your password or deleted your admin account.
New suspicious admin accounts. If you notice admin accounts that neither you nor other team members created, there’s a good chance a piece of malware created them.
Suspicious scripts in your WordPress core installation. The most common directory in which attackers leave malicious scripts is wp-content.
Pop-up ads. A classic tactic used by attackers trying to monetize someone else’s website for themselves. Pop-ups may appear only for users that are not logged in and usually open in a new window.

7 Possible Solutions to Restore Your Site After it Goes Down

Now you understand the most common reasons why your WordPress site might be down, so it’s time to explore the potential solutions to the problem.

Before moving on, it’s important to know that you should only perform significant changes to your WordPress site in a staging or local environment, not on your live site. Using staging or local environments allows you to safely troubleshoot the issue without the risk of further breaking your site.

With that out of the way, these are some of the most common solutions to try when your site crashes.

Solution #1: Restore a Previous Backup

It’s a good practice to create backups whenever you’re about to make any significant change to your site, such as installing or updating themes, plugins, and new WordPress versions. It gives you a checkpoint you can return to if anything goes wrong, allowing you to reverse unintended consequences and try again.

That means that if your site crashed due to a factor related to your installation (incompatibilities, configuration issues, etc.), you could bring it back up immediately by restoring a backup where the problem didn’t exist.

Restoring backups also means you lose any config changes or content you’ve created since the last backup, so you should backup frequently to avoid losing progress.

There are three methods for creating and restoring backups: manually, with a plugin, and through your web hosting service. Manual backups are prone to human error, so our developers don’t rely on them. Instead, they mostly use backup plugins.

We’ve used UpdraftPlus, and it’s very reliable, so in this example, we’ll create and restore a backup with this plugin. Other plugins will have similar but probably slightly different steps.

Create a Backup

First, create a backup. From the admin dashboard, go to Settings > UpdraftPlus Backups. Click on the large Backup Now button, and the plugin will create a complete backup of your site.

Obviously, you must have backed up your site before it crashes to roll back to a previous state and see if it fixes anything.

Restore a Backup

Assuming you already have a backup, here’s how to restore it with UpdraftPlus. On your website’s dashboard, go to Settings > UpdraftPlus Backups.

In the section Existing backups, you’ll have a list of backups UpdraftPlus has created. Each backup will have a Restore button to restore that specific backup. Select the backup you want to restore and click Restore.

Now, you’ll be given the option to restore specific file types: Plugins, Themes, Uploads, Other, and Database. Check every type to perform a full restore, then click Next.

Choose the components you want to restore

On the following screen, click Restore, and the process will begin.

Wait for the restoration to complete. You’ll get a “Restore successful” message at the end. Finally, click on Return to UpdraftPlus configuration to finish the process.

Always create backups before installing or updating your plugins, themes, or WordPress versions.

Solution #2 Deactivate Plugins and Switch Themes

Plugin and theme incompatibilities are among the most common reasons why WordPress sites crash, so it’s a good idea to deactivate all plugins and restore your site to a default theme to see if it comes back up.

How to Deactivate and Troubleshoot Plugins

To deactivate your plugins, go to Plugins > Installed Plugins from the admin dashboard.

Once on the plugins page, select every plugin by checking each on the left side and choose Deactivate in the bulk action dropdown menu. Keep in mind that if your entire site depends on a popular site builder like Beaver Builder, you shouldn’t deactivate the builder.

With the plugins deactivated, clear the cache and try reaccessing your site. If you can access it normally, the crash was likely due to a plugin incompatibility, but you may not know which plugin it is yet.

Unless the crash happened after a specific update, discovering the culprit may take activating plugins one at a time until you find the one breaking your site.

But before doing that, you should update your WordPress and PHP versions if you haven’t already and then every plugin (while keeping them deactivated). If the plugins you use are otherwise well-coded, updating everything and activating them one by one should fix the issue.

When you find the plugin crashing your site, you could eliminate it and find an alternative or try to find a solution in its settings. You could ask for help in the Fixing WordPress forum if you don’t know what to do.

In general, don’t install two plugins that do the same thing since they’re very likely to conflict. Also, check with your web host to see if they have any banned plugins.

Switch to a Default WordPress Theme

Go to Appearance > Themes from the WordPress admin dashboard.

Click on Activate to activate a default WordPress theme

If you’re using a non-default theme, simply activate a default theme like Twenty Twenty-Four.

It is very unlikely that a popular theme like Astra is the culprit of your site crashing, so if the theme is the problem, it’ll likely be a more niche one.

Solution #3: Comment Out Any Custom Code

There’s the possibility that a plugin you just installed or updated conflicts with any custom code you’ve added to your site, especially in the functions.php file.

To test whether that’s the case, comment out all your custom code and see if your site comes back. If it does, you’ll have to find out which custom code snippet is causing a conflict and fix it.

Solution #4 Set a New PHP Memory Limit

As mentioned, heavy site builders, backup, security, or optimization plugins can exceed the configured PHP memory limit, taking your site down.

The PHP memory limit determines the maximum memory a script can use in your WordPress site. When a script exceeds that memory limit, your site crashes.

Modifying it is easy, even if you’ve never edited PHP before. You’ll have to edit wp-config.php, a core WordPress file. As usual, backup your site before editing anything important.

How to Edit wp-config.php

To access your core files, you’ll have to connect to your site using an FTP client like FileZilla, explore your site’s files with a web hosting control panel like cPanel, or browse through your Windows/Mac/Linux file manager if you have a local installation.

We’ll use cPanel in this example, but the process is the same for all methods.

On the following screen, go to the public_html directory. In some cases, it may have a different name, such as / or root, public, root_html, or your website’s name.

screenshot of cPanel's File Manager with an arrow pointing toward public_html

public_html contains the root WordPress directory with the three main folders (wp-admin, wp-content, and wp-includes) and the rest of the core files.

Among the other files, you will find wp-config.php. Right-click the file and select View/Edit. The file will open and you will see a bunch of PHP code. First, use CTRL + F or CMD + F to search for WP_MEMORY_LIMIT. If you find it, it’ll look like this:

define('WP_MEMORY_LIMIT', '64M');

Simply change 64M to 128M or 256M to increase your PHP memory limit. 128M should be enough for most sites and 256M should be enough for sites that run resource-intensive plugins.

If you can’t find the line, you’ll simply have to copy and paste it. You must insert it above the line that says /* That's all, stop editing! Happy publishing. */, which is near the end of the file. It should look like this:

define('WP_MEMORY_LIMIT', '256M');

/* That's all, stop editing! Happy publishing. */

A low PHP memory limit is a common problem in relatively cheap hosting providers because they often offer such limited resources.

If increasing the memory limit via the wp-config.php file doesn’t work, contact your web host and inform them of the situation.

Solution #5 Change Passwords

The crash may be due to a hacker taking over your admin account and introducing malware into your site. Assuming the hacker didn’t change the password to lock you out, change it yourself as soon as possible.

In the admin dashboard menu, go to Users > All Users. Hover the pointer over your admin account and click on Edit.

In the Profile screen, scroll down to the Account Management section and click the Set New Password button. While you’re at it, also press the Log Out Everywhere Else button if it’s available.

The Set New Password button will provide a strong, randomly generated password. You can generate new passwords or input a password yourself, but it’s recommended to use a long password with random characters.

Confirm or modify your auto-generated password

Once you get a password you like, scroll down and press the Update Profile button.

Solution #6 Install a Firewall

If your site went down due to a denial-of-service (DoS) attack, installing a firewall plugin to block malicious connection attempts can quickly restore it.

These are some of the best plugins with a firewall feature:

Wordfence. Popular for its built-in website application firewall, monitoring for malware, file changes, SQL injections, and protection against DDoS and brute force attacks. The basic plugin is free, with a premium version starting from $119 per year.
Solid Security. It offers a quick configuration of firewall settings, making it ideal for beginners. The pro plans start at $99 per year.
MalCare. Best known for its malware scanning, it also offers a real-time WordPress firewall with specialized rules to block severe attacks and bot protection features. It has a free tier and a premium version that starts at $99 per year.
Sucuri. Provides a DNS-level firewall, caching, website acceleration, and Anycast CDN. It’s a premium-only plugin that starts from $199.99 per year.

In addition to protecting your site from DoS attacks, many plugins with firewall features also repel brute force attacks, SQL injections, and cross-site scripting (XSS) while providing malware monitoring and performance optimizations.

Solution #7 Consider Upgrading Your Plan or Changing Your Hosting Provider

Depending on why your site went down, you may need to consider upgrading your hosting plan or changing providers. For example, if you’ve reached a traffic or disk space cap, you almost certainly need to upgrade your plan to account for your increasing resource demands.

Consider the following factors when deciding whether to upgrade or change providers:

Customer support. Choose a hosting provider that offers round-the-clock support through various channels like live chat, phone, and email.
Pricing. Compare the features offered by different hosting providers against their costs. Look for a balance between the features you need and the price.
Types of hosting. Understand the types of WordPress hosting available, such as shared, managed, dedicated, VPS (Virtual Private Server), and cloud hosting. Each type has its benefits and is suited for different website needs (small blogs, large e-commerce marketplaces, etc.).
Performance and speed. For better website performance, ensure the hosting provider uses SSD storage for faster data retrieval and offers high or unmetered bandwidth.
Backups. Choose a provider that creates backups and easy restoration points. However, keep in mind that you may not need daily backups if your site doesn’t change often.
Content delivery network (CDN) support. CNDs make your site more accessible to all by distributing content across various servers across the world. Even if one server goes down in a specific region, other servers can still deliver your site to visitors.
Security. Some providers offer built-in security features like firewalls, DDoS protection, and SSL certificates.
Uptime guarantee. Aim for hosting services with maximum uptime (close to 100%).
Server tech. Look for hosting providers that support the latest PHP and MySQL versions to ensure compatibility and security for your WordPress site.
Reviews and testimonials. Look for third-party feedback and reviews from current and past users to gauge the provider’s reliability, customer service quality, and overall performance.

Explore multiple providers with these criteria in mind, and you will eventually find the one that matches your needs.

How to Prevent Future Downtime: 3 Tips

If any of the solutions we listed helped you, that’s great to hear! With that crisis averted, you should take steps to prevent it from happening again.

These are some of the most important preventive measures to future-proof your site’s stability.

Prevention Tip #1: Harden Your Login Page

In addition to changing your password, you should make your login page harder to access and break into.

Your login page is where you input your credentials to access your site’s admin dashboard. By default, the login URL is:

your-domain.com/wp-admin/

While the default login URL is good for beginners just learning to admin a WordPress site, it’s also convenient for hackers since they don’t have to spend time identifying your login URL before trying to crack your credentials. Therefore, one of the best login security measures is to change your login URL to a unique, non-default location that hackers should have no access to.

Other login hardening measures include the following:

Enforcing two-factor authentication for login attempts.
Enforcing long, strong, and unique passwords for all accounts with admin access to your site.
Limiting failed login attempts with a plugin like Limit Login Attempts Reloaded or Wordfence Security.
Using CAPTCHAs on the login page.
Blocking logins from admins using known compromised passwords.

Prevention Tip #2: Install a Security Plugin

WordPress security plugins are software security suites that protect your website from known vulnerabilities and threats. They allow you to protect confidential information, avoid being locked out of your site, and stop cyber attacks. Their most common features include the following:

Monitoring and scanning your website for malware.
Spam filtering.
Checking SSL certificates.
Protecting your site from zero-day attacks.
Repairing and restoring hacked sites.
Hardening your site.
Securing the authentication process.
Applying firewalls.

Whether free or premium, security plugins are a must to keep your website secured in an evolving security landscape where WordPress, given its popularity, remains the most attacked CMS.

Some popular security plugins include Sucuri, Jetpack, Wordfence, Solid Security, All In One WP Security, and BulletProo f Security.

Prevention Tip #3: Keep Everything Updated

To protect your site from incompatibilities and security breaches, you should constantly update your software components, namely your plugins and themes, the WordPress core, and your PHP version.

Updating your core improves security, fixes known bugs, and improves performance for your entire site. WordPress releases multiple major updates every year and several minor ones in between, so keep an eye out.

On the other hand, PHP versions generally last two to three years before being updated. After that, the next-to-latest version will receive security updates for about two more years, and then it’ll no longer be supported. Using outdated PHP versions is a significant security risk and a performance liability for your site.

When updating any software component, test changes in staging or local environments before applying them to your live site.

Finally, only choose themes and plugins from reputable sources.

It’s Possible to Bring Your Site Back up

There are many reasons why a site might go down, and as a result, you may need to take several measures to bring it back up. While dealing with a downed site can be very frustrating, it can also be a learning experience, especially if you’re a new developer still getting your bearings.

Hopefully, these tips will help you understand why your site went down, what you can do to bring it live again, and how to prevent more downtime in the future.

If you found this post useful, read our blog for more WordPress insights and guides!