What GoDaddy customers should know about the data breach

Artashes

Administrator
Staff member
Web hosting accounts credentials at GoDaddy, the biggest domain registrar in the world, have recently been compromised, according to the information from the company itself.

The confirmation for the data breach was sent via email to an unknown number of customers to inform them of the data leak concerning their web hosting accounts’ credentials information.

The breach, as stated by the State of California Department of Justice, took place in October of last year.

https://www.hostingdiscussion.com/b...breach-at-godaddy-what-customers-should-know/
 
The amount of hosts i see that have SSH and just leave the port as 22.

The first thing any host should do if they have SSH access is to change the port
 
@easyhostmedia

Yeah, I think all hosting provider should use their custom ports rather than the default ports. I have changed all the default ports as well. FTP, SSH, Web control panel and other ports were changed a long time ago.
 
@easyhostmedia

Yeah, I think all hosting provider should use their custom ports rather than the default ports. I have changed all the default ports as well. FTP, SSH, Web control panel and other ports were changed a long time ago.

Web Control Panel is a difficult one as all clients will have access to this and like cPanel they will auto update and this cant be dont if you have changed the ports.
 
Since this was an SSH Keys issue, I'm not sure changing the port number would have an affect. I can't recall if the key binds to the port, but I don't think it does.

Been a while since I generated a key for SSH.

I can't remember what host I was working with the other day (possibly Cloudways?), but they had it set that even though I had an SSH KEY generated on the server, it would only allow the IP number specified in the firewall to access, so it was almost a double safety measure.
 
Since this was an SSH Keys issue, I'm not sure changing the port number would have an affect. I can't recall if the key binds to the port, but I don't think it does.

Been a while since I generated a key for SSH.

I can't remember what host I was working with the other day (possibly Cloudways?), but they had it set that even though I had an SSH KEY generated on the server, it would only allow the IP number specified in the firewall to access, so it was almost a double safety measure.

I think you can get an SSH key to bind to a port by using command prompts, but its a very complicated process.
But you would have though a company as big as Go Daddy would have better security in place to prevent this happening, unless this was initiated from the inside.
 
Top