I am definitely moving away from GoDaddy. I had some small sites on their shared servers that just got hacked again..<p>If you are not following, this is the 3rd mass hack at godaddy in just a few weeks:<p><a href="http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-might-want-to-rethink-that-decision/" rel="nofollow">http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-with...</a>
<a href="http://blog.sucuri.net/2010/05/found-code-used-to-inject-malware-at.html" rel="nofollow">http://blog.sucuri.net/2010/05/found-code-used-to-inject-mal...</a>
These attacks are being done by the same group. In the last few weeks, they used:<p>http :// www.indesignstudioinfo. com
http :// zettapetta. com
http :// holasionweb. com
http :// www. losotrana. com<p>All of them registered by the same person (and hosted at the same IP). I had my share of problems with GoDaddy, but let's not forget that they are victims as well.
It common knowledge that shared servers at GoDaddy never have been anything better than average, but a lot of people think that GoDaddy still is the place to go for domains. Trust me, there are a lot of better options out there.<p>I really like <a href="http://www.internet.bs" rel="nofollow">http://www.internet.bs</a><p>Their domains are the among the cheapest on the internet (7.15$ with free privacy settings, Godaddy would take over 20$ for the same offer), they have great support, a great API, and a simple (although ugly) website/domain registration process. GoDaddy on the other hand, has a completely bloated UI designed into tricking you into buying a lot of junk that you don't need.
I'm not surprised. I use godaddy for hosting domain names but their interface seems really complex. This makes me think that they have an even more complex infrastructure with possibly many holes. It's also possible that they don't have yet fixed the issue because of internal bureaucracy.
I had a friend who was hosting at a relatively small ISP who got attacked similarly. Luckily, those attackers were very clumsy and broke HTML in process (didnt close tags properly), making detection very easy.<p>I was researching a bit on how these attacks are done, but still not sure on details.<p>Someone gains root on host machine and then gets to the individual instances?
The fact that HN users use GoDaddy for hosting is... well let's just say it challenged some of my lofty assumptions about the intelligence of HN users.