How Do Big Companies Like GoDaddy Provide Hosting So Cheap? By Cutting Corners And Putting You At Risk
22 Nov 2021
I woke up to this alert this morning from WordFence...
GoDaddy announced this morning that they have been breached. Our team took a deep dive into the breach and found that GoDaddy appears to have stored passwords in plaintext, or in a format that could be reversed back into plaintext, which is not an industry best practice.
We confirmed this by signing into a GoDaddy Managed WordPress Hosting Account and verifying that we were able to view our own sFTP password. That means the attacker didn't need to crack the passwords and could likely retrieve them directly.
According to GoDaddy's own SEC filing: "For active customers, sFTP and database usernames and passwords were exposed."
The attacker had access to GoDaddy's systems for over two months before they were discovered.
We have published a detailed post explaining how customers are affected, and what to do. Please pay special attention to our comments regarding your own customer notification obligations, if your site(s) are affected by this.
https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/
Wow. The FTP passwords for 1.2 MILLION GoDaddy customers are now out on the internet. What is worse is that the attacker had access to the passwords for TWO MONTHS before anybody at GoDaddy knew. If those passwords were re-used between other accounts (say, social media or email logins) then a lot of GoDaddy customers are about to have a Very Bad Day.
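As an added illustration (not code from GoDaddy, WordFence or this site), here is the difference between a password record that can be turned back into the password, as the alert describes, and one stored with a per-user salt and a slow hash; the function names are my own, and the sample password is constructed.

```python
import base64
import hashlib
import hmac
import os

# Constructed illustration, not GoDaddy's or WordFence's code. The names
# store_reversible, hash_password and verify_password are assumptions.

# --- The weak pattern the alert describes: the stored value can be turned back
# --- into the password, so anyone who reads the table gets the password itself.
def store_reversible(password: str) -> str:
    return base64.b64encode(password.encode()).decode()

def recover_reversible(stored: str) -> str:
    # No cracking needed: decoding the record is all it takes.
    return base64.b64decode(stored).decode()

# --- The hardened pattern: a fresh random salt per record and a slow,
# --- memory-hard KDF. The record lets the server check a password but never
# --- read it back.
SCRYPT_N, SCRYPT_R, SCRYPT_P, DKLEN = 2 ** 14, 8, 1, 32

def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode(), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)

def hash_password(password: str) -> str:
    salt = os.urandom(16)  # per-record salt: equal passwords hash differently
    return "scrypt$%s$%s" % (base64.b64encode(salt).decode(),
                             base64.b64encode(_derive(password, salt)).decode())

def verify_password(password: str, stored: str) -> bool:
    try:
        scheme, salt_b64, digest_b64 = stored.split("$")
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(digest_b64)
    except ValueError:
        return False  # malformed record: refuse rather than guess
    if scheme != "scrypt":
        return False
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(_derive(password, salt), expected)

if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    print("reversible record leaks:", recover_reversible(store_reversible(pw)))
    record = hash_password(pw)
    print("hashed record:", record)
    print("verify correct:", verify_password(pw, record))
    print("verify wrong:", verify_password("password1", record))
```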
Here are a few of the steps I take to protect your website from this kind of disaster:
- Any FTP access to AWS servers requires a private, encrypted keyfile as well as a login and password. Unless I have made one specifically for a customer, only I have that keyfile.
- All unnecessary access to AWS servers is disabled so that holes are not left open for attackers.
- Two-Factor Authentication is used on all direct server account access. This means a secret, time-limited code (it changes every 60 seconds) is required on top of a username and password. Even guessing my passwords will not be enough to access the web and database servers at AWS.
It is also important that your website is locked down so it is safe from hacking. These are the steps I take to keep your site and data safe:
- Every WordPress site has WordFence installed. WordFence checks the WordPress core and plugin code for changes, to identify whether a hacker has modified any of it (for example, to install a "back door" or malware). WordFence also maintains a list of global attacks and checks for them.
- An external security check is performed nightly on all sites to identify tell-tale signs of malware or hacking. This uses an up-to-date vulnerability database to run tests. This is a two-pronged defense - internal and external - to monitor your site's safety.
And finally, Cloudflare DNS provides these services to keep your website safe:
- The WordPress login page is protected from brute-force attacks by password guessing bots.
- Your website IP address is hidden so that your server cannot be targeted directly.
- Denial of Service attacks (DoS or DDoS) are stopped by Cloudflare's edge servers so that your web server cannot become overloaded by an attacker or by somebody attempting to ransom your site or take control of it.
At GMAC Internet Solutions your website is in safe hands. I don't just make awesome sites that make you look good. I make sure your site never becomes another statistic on an internet that is full of bad actors, hackers and criminals.
If your IT provider suggests using GoDaddy (or any other large hosting provider) to save money, then give me a call. IT support people often have out-of-date knowledge about website-related issues and frankly do not know what they do not know. That's why there are so many data breaches and hacks. There is a better way.
If you would like to know more about how all this works then I am always available to answer any questions. Give me a call or email and I would love to run you through it all. It might get nerdy but that's because I am a big nerd when it comes to internet security.
The internet is a dangerous place. Let me keep your website and its data safe.
Gerard McDermott
GMAC Internet Solutions