What’s Up with Go Daddy, WordPress, PHP Exploits and Malware?
UPDATE: For up-to-date information, please visit the most recent blog post on the topic, The Latest Information on Compromised Sites. Thank you.
When a customer complains of a compromised website, Go Daddy takes it very seriously. You pay us to host your site; we want you to be satisfied, not frustrated with your experience.
Here are some facts to clear up misinformation regarding the recent malware attacks that hit users across the Internet. Though the problem was not unique to Go Daddy, we went above and beyond to help fix the issue. Remember, if you think you’ve been impacted, please fill out the Security Submission Form and our team will investigate for you.
Go Daddy Chief Information Security Officer
WHO IS AFFECTED
- We’ve confirmed with or seen reports from customers of BlueHost, DreamHost, Media Temple, Network Solutions, Go Daddy and other hosting providers
- Individuals running outdated applications and software, including forgotten files
- Sites running WordPress blogs and other PHP-based platforms, including Zen Cart eCommerce
- Tens of thousands of users across the Internet
- Of Go Daddy’s more than 4.3 million hosted sites, this impacted less than 0.05% of our customers
WHAT THE ATTACK IS
- A PHP exploit affecting older versions of hosted software, such as WordPress
- Malware that changed its point-of-entry several times, adapting to defenses
- A security compromise that came back in multiple waves, finding new vulnerabilities
HOW GO DADDY IS HELPING
- Scanning our servers upon first instance of the attacks, to identify impacted customers
- Contacting affected users directly by phone and e-mail to alert them of the issue
- Creating a “Security Submission Form” for users to submit their site for review by our Security Team
- Reaching out to other large hosting providers, our competitors, to share best practices and protect the Internet community
- Developing Help Articles to inform users how to keep their sites safe and avoid the problem
- Participating in webcast and blog discussions to educate the public about the attacks
WHY THE ATTACKS ARE HAPPENING
- Powerful, robust applications like WordPress have lots of code … one tiny vulnerability is all it takes
- Old software versions require updates to patch security holes, customers aren’t always aware
- Neglected, once-used applications with security holes are sometimes overlooked
- Security is only as strong as its weakest link, one bad file in a hosting account can bring everything down!
- If a site is already compromised, updates themselves won’t always fix the problem
REMEMBER… WE’VE GOT YOUR BACK!
- We’re listening to what our customers are saying on Twitter and other social forums
- Go Daddy is here to help you avoid the issue and solve the problem.
- Please see the following important links: