GoDaddy hacked over the weekend

[HunkyLuke]

Around 455 GoDaddy hosted sites were found to be hacked and redirecting to malware sites last weekend. The hack involved the injection of hostile code into .htaccess files. GoDaddy helped its customers out by quickly scanning and removing the hostile code.

Investigations found that the hackers were able to login to accounts using their existing passwords, suggesting that GoDaddy may have been a target of some phishing activities (see attached screenshot of the hacked .htaccess file)

Although this wasn't a huge amount of sites out of the thousands that GoDaddy hosts, it does remind us all that phishing exists and that you should keep your PC secured with a good anti-virus program, plus you should use random, unique and complex passwords for every site that requires a log in.

[conran]

Wow, there really is a whole lot of this going around at the moment.
I for one would like to remind everyone to keep up to date with their wordpress version. I have clients still using previous versions even after widely publicized hacks.

You can lead a horse to water...

Saw some great tips on securing /plugins and restricting admin by ip that should definitely be used. If I dig them out I'll add them here.

Might not stop everything but but there are some very simple things that can be done to greatly reduce the risk of being hacked.

[tag]

wow yes good to think of security for this!

[PFLJayden]

I for one would like to remind everyone to keep up to date with their wordpress version. I have clients still using previous versions even after widely publicized hacks.

THIS IS A MUST GUYS!
We got hacked really bad if you remember correctly. This time it seems someone or something was after us and was very relentless. We lost over $40,000 worth of damage not to mention the 40 sum sites that were affected. We had to shut down many of our sites and sell the domains to compensate the cost of damage.

One thing I must say that after we did get hacked, it was too late to repair anything. It was found to come in through an old wordpress we had installed that we forgot all about.

In non-technical terms... The hacker got in, uploaded a virus. The virus was set somehow to attack one hidden file every 30 seconds. After it ate those destroying them, it wormed it's way to the main files. We could not go back to a recent backup date. It had been too late.

This could happen to you. Take a look at HunkMoneyLuke. He has a huge empire of websites. Luke relies on his paysites to earn his living. If Luke got wiped out, he would be in a horrible position. As would we all.

KEEP YOUR WORDPRESS, CMS, SHOPPING CARTS, OR ANY OTHER MEANS OF SCRIPTS AND PROGRAMS SECURED AND UP TO DATE! You could lose your entire business in minutes if not a matter of seconds. We nearly faced it. Luckily, our big profit sites were on another server. Otherwise, we would have faced the possibilities of going out of business. Members would cancel immediately, obviously no new joins, etc. And if you rebuilt and opened up shop, who'd trust you?

Always keep a list of domains that use wordpress or any other form of CMS's and such.

A calendar is always best to make yourself a note.

KEEP YOUR SITES BACKED UP ON A HARD DRIVE!
We now have 2 external hard drives everything is backed up on. Same copies. Double the backup. We update our backups every Friday.

You never know what could happen.