Introduction
Last week I tried installing WordPress on one of my websites using Bluehost’s installer from the cPanel, which bounces over to mojomarketplace.com. I had previously used this method to install WordPress on a different website (this one, as it happens) with no problem. Unfortunately, this time I got the error message seen above: “Installation Failed – Something went wrong. Failed to extract the package files.”
Bluehost: “It’s a known issue”
After some brief and unfruitful Googling, I contacted Bluehost through online chat. After checking that there was no problem with my account, their representative Anveeth advised me that the problem is on their end:
There is some issue going on with the WordPress Installation using the WordPress tools option. It’s a known issue and our server engineers are working hard on the resolution. –Anveeth, Bluehost
I asked about an ETA for fixing it, and Anveeth advised, “Unfortunately, there is no ETA regarding the WordPress Installation issue fix. The issue will be fixed soon.”
Temporary workarounds: two options
Have Bluehost do the installation
Anveeth offered to install WordPress for me manually, which I agreed to. We first had a brief discussion about where to install it and whether to overwrite the existing files, and Anveeth accommodated my specifications on this, which I appreciate. Anveeth then emailed me the login information for the WordPress admin panel. (If you have Bluehost do the installation, be sure to see the security note below!)
Install WordPress manually
Anveeth also noted that I could choose to install WordPress manually, and sent me this link: https://themeisle.com/blog/how-to-install-wordpress/. (I was a bit surprised that they didn’t recommend a resource on Bluehost.com or WordPress.org.) That link describes a few different ways to install WordPress, and presumably Anveeth was referring to “Method #3” which says how to download WordPress and then upload it with an FTP program. I haven’t attempted this, but it seems straightforward enough.
Important security notes
With Bluehost’s help, I did get WordPress installed, but there was one thing I found very surprising and disappointing: upon initial installation, Bluehost set the username to the default “admin,” and set a very short and simple password — both of which are completely inappropriate in light of today’s cybersecurity dangers.
I expressed my concerns, and Anveeth wrote, “We just use that and ask the cm [customer?] to reset the password once the moment it is created.” Which isn’t adequate, because 1) unfortunately sometimes people don’t reset passwords, even when they should, 2) what if I had a connection problem and couldn’t reset it right away? and 3) insofar as hacking attempts are often automated, a brief moment could be sufficient for a successful hack, even if I manually reset the login credentials as soon as I could.
If Bluehost does the installation for you and creates a user called “admin,” you can delete it by following the instructions here. Basically you want to create a new user with admin privileges, then delete “admin.” This is necessary because WordPress doesn’t allow you to change usernames, and you don’t want to use one that’s the default, as that’s the first thing a hacker would try.
The really ironic thing is that while doing the installation, Anveeth was trying to schedule a sales call to me regarding some type of security product. I’m not inclined to take security advice from a company that sets crappy login credentials on WordPress installations!
Conclusion
I hope this was helpful to someone. If this post saved you time or money, a small donation would be greatly appreciated.