How the GoDaddy hosting hack is affecting small businesses
In an SEC filing made public on February 16, 2023, GoDaddy finally admitted to falling victim to a multi-year hacking attack to their cPanel hosting service. While GoDaddy started hearing reports of their customers’ websites being used for phishing scams and redirects in December 2022, this security breach is connected to previous breaches disclosed in November 2021 and March 2020. You can read more about this GoDaddy hosting hack in this article.
But I want to focus on what this means for those of us who run our business websites on GoDaddy’s hosting.
FGM Internet Marketing’s Relationship with GoDaddy
First, I’ll begin with a bit of background of our use of GoDaddy products. FGM Internet Marketing has used GoDaddy’s services like domain registration, website hosting, SSL certificates, and email ever since we opened our doors in March 2011.
I have stuck with GoDaddy because I’ve found their customer support to be very good, and over the past decade, my websites (both business and personal websites) have experienced very few downtime issues.
I also recommend GoDaddy’s services to all of our clients, and I have actively moved our clients away from other hosting services based on the success I’ve seen with my own websites on GoDaddy. Having our clients’ websites hosted on GoDaddy gives them access to their excellent customer support, and sets them up on a reliable platform if a client transitions away from FGM Internet Marketing.
Many website development firms create their own hosting environments but I have not ventured into this space due to the level of IT knowledge needed to be a successful and responsive hosting service (basically, I can’t provide 24/7 customer support like GoDaddy can, nor do I have the knowledge and skill to fix any technical issues that may arise with hosting).
So our business website fgminternetmarketing.com and my personal websites eco-interviews.com and fionagmartin.com, as well as all of our client websites (except for one), are on the GoDaddy hosting platform, and all of these sites have suffered from malware attacks starting at the beginning of February.
How Malicious Software is Hurting Our Small Businesses
We were first alerted to issues with our clients’ sites when Google Ads started disapproving our ads for malicious software. As a digital marketing firm, we not only build websites, we run digital marketing campaigns for our clients. Google Ads and Facebook/Instagram Ads are a key part of many of our clients’ digital marketing strategies.
Google is quick to disapprove ads, and stop them all together, when their system is alerted to issues like a downed website, prohibited content, or malicious software. In our case, our clients’ websites are being hit with two issues:
- Insertion of links and articles to scam websites that sell things like prescription drugs;
- A forced redirect to a scam website so that when a user goes to our client’s website, they are immediately redirected to another website that’s either selling things like prescription drugs, or attempts to download malicious software to the user’s device.
Of course, this is not what we want to happen on our clients’ websites or our own websites. The tangible effects of this are:
- We can no longer run ads from Google and Facebook/Instagram to our clients’ website. These digital marketing channels are important lead generation tools for our clients.
- Distrust of our clients’ websites build, and that distrust could be transferred to our clients. This is unacceptable.
And for FGM Internet Marketing, we use our own website to highlight our services and expertise to potential clients. We can’t do that if our website does not work properly.
What We’re Doing About It
Since we were first alerted to the issue, our web development team has been battling the hacking attack by scanning and removing malicious software, links and files. We also keep backups of all of our clients’ websites as part of our website maintenance program so our team has been able to restore websites to previous “unhacked” versions.
But this hack attack is different. The above actions have previously been enough to restore a website to a clean, functioning version because many hacks are instantaneous in that once the malicious software is installed, it’s immediately activated. This means that a website version from last week or last month would not contain the malicious software.
But GoDaddy’s cPanel hosting was compromised as far back as March 2020. Could the malicious software and files have been on our servers for months, maybe years, before being activated, rendering our website backups infected as well? This is yet to be answered, but we do know that we have scanned and removed malicious code, as well as restored backups, multiple times this month only for the malicious software to reappear.
For the FGMInternetMarketing.com website and my personal websites located on that server, I paid GoDaddy their “ransom” of $300 for extra scanning and malware removal. I did this to see if this upgrade would resolve the problem before asking my clients to pay extra for the same service. Since the upgrade 2 weeks ago, my sites have been reinfected 3 times and counting. So the GoDaddy-recommended security upgrade does not resolve the issue.
Adding to my GoDaddy woes, my Launch – Web Hosting Plus (AutoSSL) was up for renewal. I purchased this hosting in February 2020 for $481. Their renewal price was $1,260 for another 3 years, triple the cost for a hosting service that is infected with malware. I called them and asked them to reduce the term to 1 year to make it more affordable – the cost for 1 year is now $420.
Our web development team are on calls with GoDaddy on a weekly basis to see if they can resolve this since it’s their system’s breach that is causing the continuing issues on GoDaddy-hosted websites.
If GoDaddy cannot resolve these issues in the coming weeks, we are exploring moving all of our websites away from their hosting to another hosting service. We are investigating hosting options now, and if this action is needed, we will facilitate all active FGM Internet Marketing clients over to the new hosting service.
Throughout this process, we’re grateful for the patience and trust that our clients have in us and our work. As a digital marketer and service provider, having our clients’ websites not functioning properly is about the worst thing that can happen. I am grateful for our web development team in their diligence in addressing this malware attack. Thank you so much to our clients, who we value greatly.
