GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches' GoDaddy has failed to protect its web-hosting platform with even basic infosec tools and practices since 2018, according to the FTC, but the internet giant won’t face any immediate consequences for its many alleged acts of omission. As one of the world's largest web-hosting companies, and a registry and registrar with about 82 …
Proof once again that the Internet is not important.
Not unless you're talking about TikTok, banning Huawei or the latest changes at Meta, that is.
A web hosting provider ? What's that ? Who cares ? Just pretend to be nice and go about your business.
These are not the droids you're looking for.
I had an email from a large customer last year asking why we were hosting our website with GoDaddy and if we were aware of their history of breaches. Fortunately it was just the website SSL certificate that came from GoDaddy, which is where he saw the name but the website is hosted securely (as much as any is). If the website had been hosted with them, we would likely have lost that customer and if one customer is writing an email, several others are thinking it.
Yet the SSL certificates from GoDaddy seem to end in a dead stop once you get there. There's no guarantee that the site you're visiting was registered by the company you expect it to be. Great place to set up a fake duplicate site, certs and all, for a legitimate business.
I was informed by email before Christmas that I'd won a prize in a booze company's prize draw. To claim the prize all I had to do was send proof of my age and my UK address. I wasn't returning that by email, so I asked for another method. They said I could upload a scan or photo of my passport or driving license and a copy of a utility bill in my name to a secure FTP server. OK, I said, I can check the certs on a FTP site. No I couldn't, it was GoDaddy. And this company had apparently passed Cyber Essentials for the last 6 years running (the current certificate had their first office address on it - they moved twice since then, so I'm not sure exactly what the CES inspector was doing other than rubber stamping a renewal), and had blog articles about how easy it was for people to fall for Prize Draw Scams (thus why a company should hire THEM to run promotions on their behalf to avoid brand reputation damage)... I found it all deeply ironic. Don't trust them, but do trust us! And all off the back of a GoDaddy site, which is only interested in one kind of client cheque/check verification.
This is a company so wonderful that it has its own (non-exhaustive) Wikipedia page listing the controversies it's stirred up. Non-exhaustive, because it doesn't mention the "history of sexist television commercials", or, indeed, the current contretemps.
I have been told that the one 'good' use of Godaddy is to use their virtual servers to run tor exits that only allow web browsing traffic because Godaddy will ignore most abuse complaints.
Tor exits are used by both people in countries with heavily censored internet and spammers running scripts to try to post spam on every wiki, forum and website with a comment box in existence.
Godaddy does respond to DMCA complaints if someone uses a VPS for copyright-infringing BitTorrent.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
