Daily Archives: June 23, 2010

The Tale of GoDaddy, Ukranian Hackers and One WordPress Blog

blogging

Photo by Annie Mole

I know that some of you use GoDaddy.com for your server space and to register your domain names. I want to let you know of some recent issues I had with my hosting so that you can hopefully avoid a similar fate.

From 2003 until about two months ago, I’d been extremely satisfied with my GoDaddy services. Not only were their rates reasonable but they had fantastic, LIVE customer service that was always willing to help.

That all changed quite suddenly about two months ago. One day, I began receiving concerned emails and texts from visitors to my blog stating that they were being redirected to potentially malicious third party websites when clicking in. I couldn’t see the issue on my end and I hadn’t made any changes to my files so I was completely unaware of what was happening. Luckily, two of my web-savvy developer friends came to the rescue and in less than an hour, they had diagnosed the issue (and fixed over 300 infected files). I was back up and running smoothly and that was the end of the issue. Or, so I thought.

On my end, I’d made a few key mistakes as a blogger. Firstly, I’d used nearly identical passwords to log into my FTP client, WordPress platform and GoDaddy account. Secondly, I hadn’t been regularly upgrading my WordPress software. I actually preferred the way an older version I was running looked, not realizing that as time goes on, hackers figure out holes in security and can compromise your site (each upgraded version contains major improvements and fix). Thirdly, while I was dilligently backing up the files on my server, I didn’t realize that another, equally important backup should be taking place — the WordPress database backup.

After making all of these changes, I was feeling pretty good (and safe). And, then the compromise happened again. And, unbelievably, AGAIN. Three times in less than a month!

I was dumbfounded. My passwords were now so ridiculous and long that I had to keep a list. My software was all upgraded to the latest versions. I couldn’t figure out what I was ‘doing wrong.’ After some digging, my developers had some information — my site was being compromised by a Ukranian hacker who had found a way in through my shared server space. When you buy the cheapest option from a lot of providers, you’re thrown into a heap with a bunch of other users. Someone was infecting sites on my shared server but interestingly enough, they weren’t erasing all of our files. What they wanted was far more valuable — our traffic. My site receives a few thousand visitors a day and the hackers wanted that built-in audience to visit THEIR site.

Once we had pinpointed the issue, I called GoDaddy. Though customer service was friendly, they didn’t offer any solutions that were particularly helpful (and buying dedicated server space is very expensive and not a necessity for my level of traffic at this point). I flat out asked them if they were familiar with the compromised server issue and they admitted that it ‘was a possibility.’ Yet, there didn’t seem to be any fixes in place. At this point, I was so fed up that I didn’t push it — I could tell that it wasn’t going to get solved. And, I wasn’t about to let it happen again. I understand that compromises in security happen, even to the best companies. But the same issue three times?! Surely, I wasn’t the only victim and they had to know about this.

According to Kimberly Castleberry:

It appears that someone took a botnet…and using a vulnerability that exists between WordPress and the Host (GoDaddy), is attacking every single blog/site that lives on GoDaddy’s servers. This round of infections appears to be unique to an exploit on GoDaddy.

By this point, I was sick of the headaches, the loss of traffic to my business and constantly having to readdress the same problem. I decided to get rid of a big chunk of my issue altogether — after upgrading all of my software, I moved my site over to DreamHost upon the recommendation of my web-savvy friends. And, I am about a million times happier. The user interface is much easier to use and the site doesn’t bombard me with a pile of affiliate products and services I don’t want or need. Thank you, DreamHost!

A Few Key Things You Should Do to Stay Safe

1. Use a different password for each of your accounts. Yes, this is a huge pain but totally worth it.

2. Always keep your blogging software upgraded to the latest version. In newer versions of Wordrpess, there’s a one button backup that takes care of it for you. Couldn’t be easier!

3. Use an SFTP client to upload content to your site as it’s much more secure.

4. Take the time to back up ‘both sets’ of your files — the content on your sever as well as your WordPress database which contains all of your posts, comments and the general formatting of your blog.

The Bottom Line

If you’re wanting to register a domain name quickly and at a great price, GoDaddy is fine. For hosting, especially for your blog, I would recommend looking elsewhere. Stay safe and happy blogging!

nubby signature