Comments on: What’s Up with Go Daddy, WordPress, PHP Exploits and Malware?

By: emperor

emperor — Tue, 21 Sep 2010 07:19:22 +0000

My site is hit again, and mine is not a WP or SMF its a mybb software. I have contacted godaddy many times this is 8th or 9th infection, The responce they gave me made me think that they are allowing their server to be exploited forcing us to purchase more facilities from them

Thanks to their many back policy which i am going to apply now and changing host.

By: frank_z

frank_z — Sun, 30 May 2010 16:43:38 +0000

The irony of all this of course is that even this page itself comes up with the malware warning!

By: lisa_hazen

lisa_hazen — Wed, 19 May 2010 21:34:56 +0000

What’s super-frustrating to me is that it was blamed on outdated versions of WordPress. Literally every site of mine that was affected (there were four) was running 2.9.2.

What’s extra frustrating is that when I tried to post a comment here for support, I got a 505 error. Insult to injury.

I am an affiliate. I recommend GoDaddy to all of my customers, and handle dozens of sites a year. I will not continue to do so if I am blamed for malware attacks, and if the support is handled in such an insulting manner.

By: Dave

Dave — Wed, 19 May 2010 16:51:22 +0000

Please see the latest information posted by our Chief Information Officer at http://support.godaddy.com/godaddy/the-latest-information-on-compromised-sites/ – it may change your perspective on this.

By: jmiller

jmiller — Wed, 19 May 2010 16:21:42 +0000

I forgot to mention that I do not run wordpress at all on my site. The only software I use are som flash apps, and phpBB3, and then some .js files to power some of my pages. This malware still effected me badly though. Just because you’re not running wordpress doesn’t mean you couldn’t be effected.

By: jmiller

jmiller — Wed, 19 May 2010 16:20:13 +0000

My hosting was hit, and after going through each file found that the malware was using javascript files to insert a javascript on each index.htm and index.php file, as well as the same scripting on .js and .css documents. To fix all I did was transfer my site over to my computer, run Avast! antivirus scanner and whatever files were found to be contaminated I went through and removed the javascript (which in each case was located at the bottom of each document).

By: aitpro

aitpro — Wed, 19 May 2010 15:52:02 +0000

I have a solution. I have to keep this short due to the 100 word comment limitation here. For WordPress website owners on GoDaddy visit my website for more info AITpro.com or do a search for BulletProof Security WordPress. For HTML website owners on GoDaddy my secure.htaccess file included with my WordPress plugin will work for you as well. Just needs one minor edit that I will post on my website today. Tested on both GoDaddy WordPress and GoDaddy HTML websites and is 100% effective. 2 months of use on GoDaddy and 0 hacked websites.

By: deadoralive

deadoralive — Tue, 18 May 2010 23:32:16 +0000

Hi dani808 I am looking to leave as well. What do you take for a transfer of 7 WP blogs to Hostgator?

By: wpjohn

wpjohn — Tue, 18 May 2010 17:35:54 +0000

Honestly, if you want to lecture your customers about how they invited the attacks by using outdated software, you probably shouldn’t be using an old (and inherently insecure) version of WordPress for THIS BLOG. A huge security hole was fixed in 2.8.6

You’re running 2.8.5

By: dani808

dani808 — Tue, 18 May 2010 07:43:43 +0000

THIS IS ******** hit again!!!! I can’t frickin believe this. GOdaddy keeps claiming they aren’t the only one then how come my networksolutions, fatcow, and datapipe sites are all ok?!?!? I am going right now and moving all 65 of my websites & all 211 domains,the reseller accounts, etc to fatcow. Sorry, I hung in as long as I can. GoDaddy? NO DADDY!