Check Out Our Shop
Results 1 to 19 of 19

Thread: Question on Go Daddy Malware attack

  1. #1
    Join Date
    Jan 2004
    Posts
    4,153

    Question on Go Daddy Malware attack

    So i get a call from Go Daddy, they are saying that a Bot has attached my site and opened it up for further attack. As of now there is no issue, but an attack from more bots can occur.

    A one year fix is $170. is this a scam or do i really need it.

    Thanks for any input.

  2. #2
    Join Date
    Aug 2011
    Location
    panhandle locdog
    Posts
    8,159
    Sounds (ph)fishy to me.

  3. #3
    Join Date
    Mar 2014
    Location
    7B Selkirks USA
    Posts
    946
    That sucks, I don't have an answer for you other than the stock dropped dramatically today 5% and that isn't a good sign for you. It could indicate that there was a known breach.

  4. #4
    Join Date
    Oct 2006
    Location
    Bellevue
    Posts
    7,542
    Quote Originally Posted by Leavenworth Skier View Post
    Sounds (ph)fishy to me.
    X2

    Call godaddy directly and ask about it. If it's real they will know. Otherwise it sounds like a scam

  5. #5
    Join Date
    Aug 2011
    Location
    panhandle locdog
    Posts
    8,159
    Quote Originally Posted by abraham View Post
    X2

    Call godaddy directly and ask about it. If it's real they will know. Otherwise it sounds like a scam
    Rule of thumb for me is that a webhost, service provider, financial institution, government entity, etc will almost never call. If they ever call, thank them, let them know you'll look into in and then call a number you know is valid. 99.9% of the time it's going to be bogus. Big businesses and government communicate with email and letters because it creates a paper trail if you did actually refuse something.

  6. #6
    Join Date
    Apr 2012
    Location
    ¯\_(ツ)_/¯
    Posts
    12,122
    Any fix they do for you should in theory fix it, not only run for a year. Unless it's monitoring or a warranty or something. It doesn't really make sense to me. Why would a "bot" attack your site only to leave a door open for other bots? Once they are in you'd assume they would try and take your data, or something else. Not just leave a paper trail so you can fix it.

    I would call GoDaddy directly and make sure it's not a scam, then figure out what exactly the attack was, what it attacked, what your vulnerabilities are, what actually happened in the initial attack, etc. Then I would probably hire someone who isn't GoDaddy to do any security updates you might need.

    You could also consider something like CloudFlare to give you another level of protection from attacks like this.

  7. #7
    Join Date
    Jan 2004
    Posts
    4,153
    Thanks all, yeah i called them back directly and that is when they pitched me. They just kept on saying that the Chinese or porn will redirect anyone who visits my site.

    I ll dig a little deeper, see what i can find.

  8. #8
    Join Date
    Mar 2011
    Location
    North,NorthEast
    Posts
    3,716
    This happened to our site over the summer too. GoDaddy calls you directly. A lot. It’s always a Phoenix, AZ number. They’ll call for plan maintenance, malware, just to say hi. They offered me the same BS removal/fix plan, my web designer fixed it for free. He’s been telling me to switch our hosting ever since, I’ll get around to it one of these days. You would think if you are paying for hosting, on a “secure” hosting site, they would take care of these things before they became a problem?

  9. #9
    Join Date
    Apr 2012
    Location
    ¯\_(ツ)_/¯
    Posts
    12,122
    If it were me, I'd move all of my stuff away from GoDaddy immediately if they can't guarantee the security of your site without paying extra money. Lots of other/better options out there.

  10. #10
    Join Date
    May 2002
    Posts
    33,437
    Great. I just launched a site from their site builder.

  11. #11
    Join Date
    Sep 2006
    Posts
    6,771
    A friend many years ago got me set up with them for my hosting and domain's so I have just left it there. I would be interested to hear of better options people are happy with.

  12. #12
    Join Date
    Jan 2004
    Posts
    4,153
    Quote Originally Posted by Phildo_Baggins View Post
    If it were me, I'd move all of my stuff away from GoDaddy immediately if they can't guarantee the security of your site without paying extra money. Lots of other/better options out there.
    suggestions?

  13. #13
    Join Date
    Jan 2004
    Posts
    4,153
    Quote Originally Posted by t-the-east View Post
    This happened to our site over the summer too. GoDaddy calls you directly. A lot. It’s always a Phoenix, AZ number. They’ll call for plan maintenance, malware, just to say hi. They offered me the same BS removal/fix plan, my web designer fixed it for free. He’s been telling me to switch our hosting ever since, I’ll get around to it one of these days. You would think if you are paying for hosting, on a “secure” hosting site, they would take care of these things before they became a problem?
    I asked this question. he said it was like buying a house, you still security installed. Didnt find that very reassuring.

  14. #14
    Join Date
    Dec 2005
    Location
    Central OR
    Posts
    5,966
    Quote Originally Posted by skideeppow View Post
    suggestions?
    I use MyDomain, and have never had problems, but I know our IT guys aren't fans. Not sure why, though, as it seems to work for me.

  15. #15
    Join Date
    Nov 2011
    Location
    Ontario Canada eh
    Posts
    4,449
    If they did get hacked they should have Danica Patrick pay you a visit and give you an oil change as an apology


  16. #16
    Join Date
    Dec 2005
    Location
    Central OR
    Posts
    5,966
    Quote Originally Posted by Kenny Satch View Post
    If they did get hacked they should have Danica Patrick pay you a visit covered in oil as an apology.
    FIFY

  17. #17
    Join Date
    Nov 2014
    Location
    northeast
    Posts
    5,968
    godaddy sucks ass, although their domain names are cheap. what sort of hack job shop calls on your phone? lol

    what's the stack you're hosting?

  18. #18
    Join Date
    Apr 2012
    Location
    ¯\_(ツ)_/¯
    Posts
    12,122
    Quote Originally Posted by skideeppow View Post
    suggestions?
    Would depend on the site and what you're trying to do. What's it built on?

  19. #19
    Join Date
    Feb 2006
    Location
    Among Greatness All Around
    Posts
    6,886
    If you are using some sort of portal, add on, or application as part of your web site, there could be a vulnerability that may already have a patch out.
    I get an automatic notice if say Word Press or something like that has a new version or patch out to protect against a vulnerability that has been reported and patched. Backup your site, get a download of that backup and verify the issue. GoDaddy should at least tell you the package or what the issue is. Then you can Google or head to the support of the package and see what is up. If they do not at least point you in the right direction, then verify versions of each of the installed packages and see if they in fact are the latest. With good web hosting companies, they should at least through their ticket system be able to point you to the issue, even if they are not willing to fix the issue for free. If it is GoDaddy code (ie something that was done with their Site Builder code) and not some Open Source or standard package, then I'd suggest you move on to some other hosting. Also be very careful if the issue ends up using your email to spam others- GoDaddy has and will fine any of their hosting accounts if spam or even the complaint of spam is being sent through one of their accounts. Read your terms of service.

    If you move- look for a company that has really good ratings and recommendations over on Webhostingtalk forums for the type of site you need (assume you are on just a shared hosting server and not anything like a Virtual private server.)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •