WordPress hacked via GoDaddy

[Apple_Robert]

"Anything up to 1.2 million users have seen their email address and customer number exposed, as well as admin passwords for both WordPress sites hosted on the platform, as well as passwords for sFTPs, databases and SSL private keys."

GoDaddy discloses recent security breach that exposed 1.2 million accounts

The hack relates to GoDaddy's WordPress hosting service.

www.engadget.com

 

[yitwail]

Only thing GoDaddy is good for is domain registration. If this influences people to switch from GoDaddy, it could make my life as a web developer a bit easier.

 

[saudor]

Only thing GoDaddy is good for is domain registration. If this influences people to switch from GoDaddy, it could make my life as a web developer a bit easier.

Not even. GoCrappy is crap for everything. Their domain registrations are so overpriced compared to places like cloudflare. Not sure why people use them. They're so slow and garbage. If a site is compromised, 9/10 it's on gocrappy.

 

[Boyd01]

Still using the same small regional hosting company I started with around 2008, they have been great. Will reach my goal of being WordPress-free before the end of this year, replacing my old WP sites with my own custom code written from scratch.

WordPress is great in that it lets you put together a nice website quickly. But as soon as you start customizing with a bunch of plug-ins, it gets problematic. Hackers aside, I just got tired of my sites breaking when the latest WP upgrade broke a plug-in or theme that the developer is no longer supporting.

 

[macintoshmac]

I just got tired of my sites breaking when the latest WP upgrade broke a plug-in or theme that the developer is no longer supporting.

My emotion exactly. It is beyond crazy how frequently this happens and how much I had to care. Fortunately, my dalliance with WP has only been long enough for me to know it adequately. I stay away from this and try my best to keep clients off of it.

 

[PeterJP]

Does this impact WP users that are not using GoDaddy?

 

[BrianBaughn]

Does this impact WP users that are not using GoDaddy?

It shouldn't unless they have had a GoDaddy account and are still using a password from that time.

There is also the possibility that someone could be using a GoDaddy reseller, I suppose, and not know it.

 

[yitwail]

WordPress is great in that it lets you put together a nice website quickly. But as soon as you start customizing with a bunch of plug-ins, it gets problematic. Hackers aside, I just got tired of my sites breaking when the latest WP upgrade broke a plug-in or theme that the developer is no longer supporting.

I don't know about that, it's work for those of us who fix the broken sites. But in part you mitigate this by limiting the number of plugins, and staying with well-established, regularly maintained themes & plugins. I roll my eyes inwardly when I work on a site with a theme that has a few hundred sales on Envato or a plugin that's been downloaded a few hundred times. I may get in trouble for saying this, but using a basically untested theme or plugin is like immediately upgrading to the latest major MacOS release.

 

[BrianBaughn]

I don't know about that, it's work for those of us who fix the broken sites. But in part you mitigate this by limiting the number of plugins, and staying with well-established, regularly maintained themes & plugins. I roll my eyes inwardly when I work on a site with a theme that has a few hundred sales on Envato or a plugin that's been downloaded a few hundred times. I may get in trouble for saying this, but using a basically untested theme or plugin is like immediately upgrading to the latest major MacOS release.

Yep. Check the date of the last update for a plugin. If it's more than a few months stay away from it.

 

[clarencek]

This is misleading. Wordpress was not hacked. Go daddy was hacked and Wordpress sites that go daddy was hosting became compromised because go daddy credentials were hacked.