The Tale of GoDaddy, Ukrainian Hackers and One WordPress Blog


Photo by Annie Mole


I know that some of you use GoDaddy.com for your server space and to register your domain names. I want to let you know of some recent issues I had with my hosting so that you can hopefully avoid a similar fate.


From 2003 until about two months ago, I’d been extremely satisfied with my GoDaddy services. Not only were their rates reasonable but they had fantastic, LIVE customer service that was always willing to help.

That all changed quite suddenly about two months ago. One day, I began receiving concerned emails and texts from visitors to my blog stating that they were being redirected to potentially malicious third party websites when clicking in. I couldn’t see the issue on my end and I hadn’t made any changes to my files so I was completely unaware of what was happening. Luckily, two of my web-savvy developer friends came to the rescue and in less than an hour, they had diagnosed the issue (and fixed over 300 infected files). I was back up and running smoothly and that was the end of the issue. Or, so I thought.

On my end, I’d made a few key mistakes as a blogger. Firstly, I’d used nearly identical passwords to log into my FTP client, WordPress platform and GoDaddy account. Secondly, I hadn’t been regularly upgrading my WordPress software. I actually preferred the way an older version I was running looked, not realizing that as time goes on, hackers figure out holes in security and can compromise your site (each upgraded version contains major improvements and fixes). Thirdly, while I was diligently backing up the files on my server, I didn’t realize that another, equally important backup should be taking place — the WordPress database backup.

After making all of these changes, I was feeling pretty good (and safe). And, then the compromise happened again. And, unbelievably, AGAIN. Three times in less than a month!

I was dumbfounded. My passwords were now so ridiculous and long that I had to keep a list. My software was all upgraded to the latest versions. I couldn’t figure out what I was ‘doing wrong.’ After some digging, my developers had some information — my site was being compromised by a Ukrainian hacker who had found a way in through my shared server space. When you buy the cheapest option from a lot of providers, you’re thrown into a heap with a bunch of other users. Someone was infecting sites on my shared server but interestingly enough, they weren’t erasing all of our files. What they wanted was far more valuable — our traffic. My site receives a few thousand visitors a day and the hackers wanted that built-in audience to visit THEIR site.

Once we had pinpointed the issue, I called GoDaddy. Though customer service was friendly, they didn’t offer any solutions that were particularly helpful (and buying dedicated server space is very expensive and not a necessity for my level of traffic at this point). I flat out asked them if they were familiar with the compromised server issue and they admitted that it ‘was a possibility.’ Yet, there didn’t seem to be any fixes in place. At this point, I was so fed up that I didn’t push it — I could tell that it wasn’t going to get solved. And, I wasn’t about to let it happen again. I understand that compromises in security happen, even to the best companies. But the same issue three times?! Surely, I wasn’t the only victim and they had to know about this.

According to Kimberly Castleberry:

It appears that someone took a botnet…and using a vulnerability that exists between WordPress and the Host (GoDaddy), is attacking every single blog/site that lives on GoDaddy’s servers. This round of infections appears to be unique to an exploit on GoDaddy.

By this point, I was sick of the headaches, the loss of traffic to my business and constantly having to readdress the same problem. I decided to get rid of a big chunk of my issue altogether — after upgrading all of my software, I moved my site over to DreamHost upon the recommendation of my web-savvy friends. And, I am about a million times happier. The user interface is much easier to use and the site doesn’t bombard me with a pile of affiliate products and services I don’t want or need. Thank you, DreamHost!

A Few Key Things You Should Do to Stay Safe


1. Use a different password for each of your accounts. Yes, this is a huge pain but totally worth it.

2. Always keep your blogging software upgraded to the latest version. In newer versions of WordPress, there’s a one button backup that takes care of it for you. Couldn’t be easier!

3. Use an SFTP client to upload content to your site as it’s much more secure.

4. Take the time to back up ‘both sets’ of your files — the content on your server as well as your WordPress database which contains all of your posts, comments and the general formatting of your blog.
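A file backup is also a known-good copy to compare against. The sketch below is an added example, not something from the original post or from any hosting provider: it records a SHA-256 fingerprint of every file when the backup is made and later lists files that changed or appeared without the owner touching them, which is how an infection spread across hundreds of files would show up. The folder layout and file names are constructed sample data, and it covers the file half only; the WordPress database still needs its own backup.

```python
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # symlinks are skipped, only regular files are hashed
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest.hexdigest()
    return manifest


def diff_manifests(baseline, current):
    """Compare the manifest saved with the backup against the live site."""
    return {
        "changed": sorted(p for p in baseline
                          if p in current and baseline[p] != current[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }


def demo():
    """Run the check on a small constructed site tree (sample data, not a real site)."""
    with tempfile.TemporaryDirectory() as site:
        files = {
            "index.php": b"<?php require 'wp-blog-header.php';\n",
            "wp-config.php": b"<?php /* constructed placeholder */\n",
            "wp-content/themes/mytheme/header.php": b"<html><head>\n",
        }
        for rel, data in files.items():
            path = os.path.join(site, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)

        baseline = build_manifest(site)  # saved alongside the backup

        # Later: changes the owner did not make (constructed stand-ins).
        header = os.path.join(site, "wp-content/themes/mytheme/header.php")
        with open(header, "ab") as fh:
            fh.write(b"<!-- constructed: line the owner did not add -->\n")
        uploads = os.path.join(site, "wp-content", "uploads")
        os.makedirs(uploads)
        with open(os.path.join(uploads, "cache.php"), "wb") as fh:
            fh.write(b"<?php /* constructed: file the owner did not upload */\n")

        return diff_manifests(baseline, build_manifest(site))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Keep the saved manifest with the backup rather than on the web server, so whoever alters the site files cannot alter the record as well.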

The Bottom Line


If you’re wanting to register a domain name quickly and at a great price, GoDaddy is fine. For hosting, especially for your blog, I would recommend looking elsewhere. Stay safe and happy blogging!



34 Responses to The Tale of GoDaddy, Ukrainian Hackers and One WordPress Blog

  1. Elle Sees says:

    I hate this happened! BUT I’m glad you have some web-savvy friends who figured it out. But this happened for a reason–to get the word out about this situation. So thanks for sharing and I hope you have no issues in the future!!

  2. sarah marie says:

    Thanks for this post. I found it very helpful. Often these issues leave me (anyone) in the dark. Without those ‘web-savvy’ people, adventures in hosting and the control there can be very confusing. And frustrating. Great post!

  3. Lindsay says:

    Yep.. welcome to the world of owning a website.. We have only been hacked ONCE and it was due to our lack of updating our scripts.. but it was horrid and frustrating.

    DreamHost is one of the best hosting companies out there and GoDaddy is actually one of the worst. The problem with GoDaddy is that your website can’t grow with them. You need to consistently upgrade your service and you aren’t kidding about their horribly messy interface to try and do anything on the back end.

    Dreamhost gives you a basic Cpanel control panel that is super easy to use and laid out very well. GoDaddy made their own in order to try and confuse people to purchase things that they don’t need.

    Anyways.. I am at the point where I own my own server. People who host with me are my website design clients so it is still a shared server environment but it’s safe because only my clients are on there.

    I’m glad you learned your lesson to consistently upgrade your wordpress software (and do the same with your plugins) and that you found a good hosting company (i refer my clients to HostMonster who don’t host with me which is a sub company of DreamHost i believe).

    None the less.. glad you found your way out of the GoDaddy Vortex.. Let me know if you ever need additional help or decide to move towards your own server..

  4. Julie says:

    I have different passwords for all my accounts (they are ridiculous and not even related to each other). I have my domain registered with GoDaddy, my website up in site5 (per my friend’s kindness, he gives me free hosting) and my wordpress up to date all the time.

    One of my friends told me that passwords over 14 characters (whenever they are available for use) are almost impossible to hack, so mine are 14 – 16 characters (kept in a list because they are ridiculous) and I haven’t had a hacking problem, ever (I also don’t have the traffic to even be a temptation to hackers).

    Another good security measure is to change your passwords every 3 – 6 months. A total pain but it’s better to be safe than sorry.

  5. Anna @ D16 says:

    Nubs, I’ve been with Dreamhost for about 12 years now (!!!), and despite a few hiccups (and near-catastrophes, I’ll admit it) along the way, they’ve really been great. At this point, I have so many referrals and years of grandfathered-upgrades along the way that I no longer even pay anything for my hosting (!!!) . . . even though I’m hosting more than 10 domains. Plus unlimited storage AND unlimited bandwidth?! I don’t mean to sound like an advertisement for Dreamhost, but I’m so glad I use them.

    I use Dotster for registrations, by the way. They don’t charge anything to modify the DNS for your domains, which is awesome. I’ve never had any issues with them at all.

    Okay, I’m done shilling now!!! ;)

  6. lau says:

    For some reason so many of my clients are insistent on going with GoDaddy, and it kills me. I hate their interface (mostly because I just find it so damn confusing) and just recently I’ve been having a terrible time getting wordpress to work properly on their servers as well. If I install certain plugins or themes, sometimes php pages won’t even load, instead the browser tries to make me ‘download’ the files. Infuriating. So I basically have to pick what plugins and features I use based on the ones that don’t hiccup like that.

    !@#$^(@$

    Dreamhost is who I usually try to point my clients in the direction of, but I can’t always win, it seems. ;)

    Glad you’ve been able to resolve the issue, Nubbins!

  7. Gab Whtie says:

    Thank you so much for this post! I’m planning on switching from free blogging software to my own content management pretty soon, and I heard that GoDaddy was shady lately, I’m glad you gave some alternatives!

  8. claudia says:

    I’ve been using dreamhost for over 10 years and recommend it to everyone/anyone. They have taken good care of me for being a dedicated customer. I once had to work with a client who used godaddy and was so appalled by the website (seemed to me like they were constantly trying to sell you something and opening new windows up, took too many clicks to get to something, etc.) that I ended up not working on that particular project. Yes really. NOT worth the extra time and frustration.

    I hope your experience with DreamHost is as awesome as mine has been, and thanks for sharing your ordeal.

  9. Dena says:

    I was hacked, too — I also use WordPress and GoDaddy. I am afraid that it is going to happen again; but I can’t afford to switch hosts again at the moment. If I have another issue, I will be switching hosts when my sites are up for renewal next year.

    Thank you for sharing your story, Nubby!

  10. Liz says:

    I HATE GoDaddy with a passion. They suck balls; glad you got out of there! I host through 1&1.com and I’ve never had any issues. I hear DreamHost is good too though, hopefully you have better luck with them! xo

  11. Lola says:

    I just signed up with GoDaddy a few months ago per recommendation from an instructor at school…when I’m up for renewal, I’m making the switch. I guess you get what you pay for! I hope that everything works out for you, Nubby dear! xoxox

  12. kc says:

    thanks for the info. i was actually considering moving to godaddy since it was cheaper than my current host (oh the scripting issues and down times!) but thank you for the info on dreamhost! after looking around their site i think i know where i’ll be going when my hosting is up next year. thanks again!

  13. Thanks for the shoutout! In the end, with the attack I mentioned, it appears that it really wasn’t “interface” at all. GoDaddy had left their OWN servers unpatched, from known security vulnerabilities and was paying the price for it. Technically, users were paying the price. (GoDaddy also does not optimize for wordpress and this created another layer of problem.)

    I haven’t hosted on Dreamhost and can’t say much about them except that we had some clients have issues with their ban on the All in One SEO plugin previously. I have no clue what the status of that issue is so can’t really say.

    At the end of the day it’s important to find a host that specializes in hosting. No domain sales, not internet service, not affiliate products, not bells and whistles… hosting… optimized for your preferred services.. that is so married to hosting that they can not afford to let their name be compromised.

    I’d love if you’d post on the original thread and share the link to this post as well :)
    Kimberly

  14. Nubby says:

    Elle Sees: That’s sometimes the only way to learn…if something doesn’t happen to you or someone you know, it’s kind of hard to know what to expect or how to deal with it. So for that, I’m thankful. Gotta spread the word!

    Sarah-Marie: You’re welcome. Though I spend a lot of time on the net and do some web design, I tend to hire out the more technical side of things to make sure they’re done right. So I am thankful that there are people out there who are able to help the rest of us mere mortals out!

    Lindsay: Thanks for sharing your wealth of knowledge — super helpful!

    Anna @ D16: Thanks for the info and I am happy to hear that you’ve had such a glowing experience with DreamHost! I am most impressed with their uncluttered interface — and the unlimited bandwidth and storage!!! SO awesome. I got charged a few times that were double, even triple what my monthly rates were from GoDaddy because I went over their predetermined bandwidth usage. Lame.

    Lau: If I was starting out now, I would have never gone with GoDaddy. Since I had a standard site for nearly 5 years before the blog and my friend had signed me up, it seemed to serve me fine. But now that I know what I’m dealing with, DreamHost is so so so much better.

    Claudia: So far, so good. I am now a DreamHost convert and it seems like everything loads much faster. Plus I’m not getting charged for spikes in my bandwidth (which happened a few times with GoDaddy).

    Dena: I probably had a year left on my GoDaddy acct. for prepaid hosting and walked away. It wasn’t worth the stress or the annoyance of having the same issue repeatedly pop up.

    Lola: I didn’t know anything about other hosting options when my friend built my first site in 2003. He set me up with GoDaddy and that’s all I knew. I’m so much happier now with DreamHost….the biggest annoyance with GoDaddy is having to click through a ton of screens just to do something basic. I never knew where to go!

    Kc: I’ve learned the hard way that cheaper doesn’t equal better. I’d rather pay a few more dollars a month and know that my content is in good hands.

    Kimberly Castleberry: Thanks for all the info, I am glad you stopped by and clarified the issue along with providing additional insight into hosting providers.

  15. Yoshi says:

    Thank you Nubby, I am sorry you had such a bad experience… this reminds me of the other shocking customer service issue you pointed out a week or two ago, I don’t remember exactly when… not as extreme though.

    Haha, I used to have a website a few years ago, in a particular web design community, and it seemed to be universally acknowledged that DreamHost was the way to go! (I never paid for my own server space though, I was actually sharing with someone else – which was fine for me, at the time.)

    So I will be interested to see how you feel about DreamHost once you’ve been with them for a while!

  16. WendyB says:

    I experienced this too and I am definitely leaving GoDaddy. I was caught up in the second wave of the attack, after a lot of people started criticizing GoDaddy, so they did fix my site for me but they sent a really passive-aggressive form e-mail to me saying they were doing the fix “as a courtesy.”

    Well, fuck it, it was an attack on THEM, so what is the courtesy? It’s their responsibility. I had all different passwords, btw.

  17. Lindsay says:

    Nub, you also have to beware of the people who hike up their prices touting some awesome “quality” features when in fact you are paying for a whole lot of fluff..

    One of my clients’ original project managers quoted her $300 per quarter for hosting charges (not including maintenance fees) for a basic ecommerce store with 30 products and a blog.

    There’s a fine line and in my opinion, if you are a designer or an individual who doesn’t know a lot of the techno jargon, you should find someone you know and trust to point you in the right direction.

  18. Marina says:

    Goodness, sounds incredibly frustrating! I hope this doesn’t alter your opinion of Ukrainians- most of us are decent people!

    Love your blog, keep doing what you are doing.

  19. Vanessa says:

    I had a very similar problem with the combination of GoDaddy and WordPress last year. I ended up completely removing all wordpress files… I guess if it happens again I’ll be switching to a different hosting server.

  20. Nubby says:

    Yoshi: So far, so good with DreamHost. I trust their service because I have quite a few web developer friends that have used them for years and swear by their service.

    WendyB: Wow, I am so sorry to hear that! You paid for a service just like me and so many others and they didn’t provide what should have been included with the cost — decent security!

    Lindsay: Totes agreed. I knew the basics but wasn’t into the hassle of switching my server space over to another provider until this happened. The GoDaddy standard hosting rates are really reasonable — unfortunately, I got what I paid for! I’m so much happier paying a few dollars more a month because DreamHost rocks!

    Marina: Aww, you’re a Ukrainian! In the post, I threw in the ‘Ukrainian Hacker’ part half jokingly because I was so annoyed that someone on the other side of the world in a country I’ve never been to was making my life a living hell! ;)

    Vanessa: I hate to say it but it probably will happen again. I did all the recommended upgrades and even then, I got hit TWICE.

  21. gilda says:

    OH MY GOD this happened to me about a month ago-ish, and i was wayyyy too busy with my thesis to do anything about it. plus, when i checked my blog, it didn’t redirect me so i thought i was doing ok.

    until about a week ago when i went to have a look at my dashboard and i realized it had been taken over by aliens from pluto.

    when i called godaddy, they actually ran some program through my site and fixed it for me in 2 minutes. which was kind of cool coz apparently they got rid of about 700+ corrupted files!!?? i had a shock.

    and i’m really bad at backing up too, and i have NO, absolutely NO web-savvy friends who could help me. i even paid someone to help me set up wordpress for the first time, so you can imagine my horror when i thought i had to redo everything. it would have killed me and i might have given up on my blogging for good.

    i still have a long way more to go on my contract with godaddy, and i don’t know whether i should just leave and hop to another host now, or wait till i get screwed again and regret. it’s really tough!! tougher because i really don’t know how to do it on my own and reading all the “help” from googling burns holes in my head. i mean, if i move hosts now, i don’t even know how to transfer my whole blog over, you know? ugh.

    all in all, since i’ve moved to america, i’ve had my id stolen, i’ve had to change debit cards about 4 times, and now this website bullshit hacking? i HATE hackers of all kinds, they should burn and die.

  22. Lindsay says:

    Hey Gilda, if you move hosts and go to something like DreamHost and Hostmonster, chances are the new host you go to will help you move your site over and do it for you. Make sure you call customer support first to ask, but I am pretty sure you will not have to do it yourself.

    It’s ironic that all that stuff happened to you after you moved to america but chances of the people who have stolen your id and hacked your site were not from the US and are from Eastern Europe is much higher than them being from here. That sucks, i’m sorry you had to deal with all of that stuff.

  23. Brittanny says:

    Thanks for the post. I’ve always heard that GoDaddy was one of the worst sites to use but for some reason I still use them. I even just renewed one of my domains with them yesterday (thankfully it’s not a high traffic site so no one would be interested in hacking it). I’ll look into moving all my domains to DreamHost.

  24. Pingback: Carousel—06.25.10 | evolution you

  25. Pingback: Fin - Week Ending June/25 2010 | Joanne Faith.com

  26. Jen says:

    I used to work for godaddy and as an employee I told people to get domains through us and hosting elsewhere. After working as a server engineer and finding out all the shortcuts, I moved all of my content to another provider.

  27. Jen says:

    Oh, and if/when you get to the point where you need a dedicated server for your site, don’t get it through godaddy. Trust me on this.

  28. Nubby says:

    Gilda: Ugh, I am so sorry to hear that you were stricken by evil hackers too!!! You must have got hit later on in the wave when they finally felt the pressure to help clean the mess up. As a company providing paying customers with a service, it is NOT OKAY to have crappy security! I hired my friend Star of thisisstar.com to help me out and if you want to make the switch, she may be available to help you as well. I’d get off their servers ASAP.

    Lindsay: You make a great point. Even though GoDaddy is an American company, my information was corrupted by someone in Eastern Europe….I was lucky that I have some friends that knew how to transfer all my data to a new server but thanks for the reminder that sometimes a provider can help with this process.

    Jen: Glad to hear what I’ve suspected from someone that used to be on the inside!

  29. Pingback: Best Of… 02-07-2010 | - juliettemaxwell.com -

  30. Pingback: The Start-Up Diary: Week 2 – The Piazza Room

  31. ross says:

    traffic is one thing they want… the other popular thing is that hackers will crack a hosting company’s server and then sell the details of the servers in batches to advertising spam agencies who then sell the traffic to pharmaceutical and other companies who pay them… so it’s a cycle… the hackers themselves make no money from your traffic without this method :) in over 5 years, the only hosting company not to have long term damage to this is hostgator! Great blog btw, lots of great content – just sharing my knowledge from living in a country where hacking is not illegal :)

  32. Ingrid says:

    Hi Nubby,

    I love your work and your site is great, so sorry to hear that you’ve had these problems with your site. I’m a web and graphic designer myself, and former server engineer, and I always tell my clients to always keep their site updated with the latest patches to stay secure, but a host not updating their own servers and leaving their clients open to exploitation is sloppy, unprofessional and outrageous.

    I have a client using GoDaddy hosting for her main website and she’s getting me to develop a WordPress site for her to have hosted there but I think I’ll get her to read your tale and hopefully she will see the light and switch hosts! I didn’t like them before because they have a terrible control panel and are always trying to sell you something, but I was putting up with them because she prepaid for her hosting. I hope I can convince her to switch!

  33. Sasha-Shae says:

    I use GoDaddy for my domain names.. I am looking to switch over to NameCheap or something else. But for hosting, I am LOVING WPengine..it works great, includes CDN and has basically very little down time, all in all I was happy I made that switch. :)

    GoDaddy is just irk nowadays.
