Currently set to No Index

What the New User can Learn from the GoDaddy Account Hack

godaddy-web-hosting

Recently a security breach occurred in 445 of GoDaddy’s web hosting accounts.  While that may not seem like a lot on a percentage basis, that is also high enough to indicate that the hack was some type of systemic problem.  This can scare the new user into a lot of frantic questions.

Panicked thought is seldom a clear thought.  So even if you were one of the accounts in question, there are things that you’ll want to consider when evaluating this incident.

Innocent until proven guilty

One of the most obvious knee-jerk responses is the one that is most necessary for us to correct immediately: blaming GoDaddy.  When something like this happens, until you have very specific, proven reason to believe otherwise, it’s unwise and unfair to blame the host.  We’re hesitant to even use this as an article topic for that reason.  We only are because this will happen now and then, and it’s good to have the object lesson.

RELATED:   The Top 9 Ways You Can Foil Hackers

Why did this only happen with GoDaddy though, you might ask?  There are many reasons that have nothing to do with them.  The most obvious is just efficiency.  By focusing their attack on one host with many users, the hacker(s) don’t have to concern themselves with more than one system architecture.

What actually happened?

Let’s summarize the incident.  The compromised accounts had their .htaccess file changed.  This is a file that handles URL requests on the user account level.  It sets rules for how to treat different requests to that user’s web site based on different criteria.  In this case, it was set so that any hits to the user’s site that came from a major search engine were redirected to a malicious outside site.  This site in turn infected the surfer’s browser, continuing and amplifying the disease.

RELATED:   Authentication Hacking: Is Your Site Vulnerable?

The accounts have since been re-secured, but this does now require that we ask the pertinent question: how were the accounts infiltrated?

They got the passwords – but how?

What we know is that somehow the bad guys got these user’s passwords.  What we don’t know is how.  So in lieu of having further information, we must use this opportunity to repeat two of the oldest security cautions:

  • Keep your software updated – One site suggested the possibility that the users exploited a hole in a web site created by an outdated version of WordPress of Joomla!  You need to decide how much it’s worth it to stay close to the news reel on security updates, but either way don’t ignore them entirely.
  • Choose secure passwords! – This is the bane of the security world.  Even after decades of warning, users still continue to have “123456” and “password” for passwords.  Do you? Change it!  This is a major reason why we must give GoDaddy the benefit of the doubt: this alone might have been the cause of the break-in.
RELATED:   PHP and Common Web Hosting Security Issues

In summary, if there’s any one piece of advice we can take from this incident, it’s this: don’t panic.  Security for your web site requires clear-thinking at all times.

How to Find a Successful Name For Your New Blog?
How to Find a Successful Name For Your New Blog?

One of the most important decisions you can make to ensure your blog is among the best is to select a name. While there are more than 500 million blogs available...

How-to Start a Blog – Review of the Best 10 Blogging Platforms
How-to Start a Blog – Review of the Best 10 Blogging Platforms

If you want to start a blog as fast as possible, then you need to consider choosing a blogging platform. Thankfully, there are some excellent free and paid blogging platforms...

How Referral Marketing Can Benefit Web Hosts
How Referral Marketing Can Benefit Web Hosts

Even if the niche of web hosts are fully loaded with a lot of companies they are still one of the easiest to promote because you could write your own...

Broken Links: How to Find, Fix, and Benefit from Broken Links
Broken Links: How to Find, Fix, and Benefit from Broken Links

Links are what holds the web together. Essentially, the web is named as such because of the ability for pages and sites to link to other sources and relevant information....

Brand Value & the Most Powerful Brands (with Infographic)
Brand Value & the Most Powerful Brands (with Infographic)

Brand value – everyone wants it, however, only few are able to achieve it. The subject of “brand value” holds a significant position amongst marketers, executives, and entrepreneurs. Let’s discuss...

Reasons why your business should shift to Cloud hosting
Reasons why your business should shift to Cloud hosting

Cloud hosting has been on the rise since its inception. The improvement to your website performance and business efficiency that comes with Cloud hosting is almost tangible.

Why We Love the IT Support Career?
Why We Love the IT Support Career?

In almost all of my posts I was talking about the stressful side of the IT – the long hours, end user issues, migrations, midnight calls and the like. But...

IT Manager: Ways To Show Your Appreciation To Your Team
IT Manager: Ways To Show Your Appreciation To Your Team

Surely your team struggled hard and made things happen. You cannot say “this is what you get paid for” and just leave – you cannot keep your IT staff that...

Leave a Reply

Your email address will not be published. Required fields are marked *