Comments on: GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission

By: Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist

Sun, 15 Jan 2012 05:05:19 +0000

[...] I first tried to accomplish goal #2 — the first thing I learned was that SSH functionality is an ‘opt-in’ program. In other words, you have to explicitly ‘activate’ the feature (instructions on how to do this are here: How to Enable SSH Access to your GoDaddy Hosting Account). Before I went ahead and pushed the Button, I did a Google search on any security implications of allowing SSH access (sorry, it’s the Computer Security in me!). Luckily, nothing glaring popped out in the search results — though, the following article did provide an amusing read: GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission. [...]

By: 文件同步让生活更轻松(1) | 坚果铺子博客

文件同步让生活更轻松(1) | 坚果铺子博客 — Fri, 22 Apr 2011 14:46:42 +0000

[...] 最简单的办法是使用同样的账户和密码, 但是, 这可是个坏主意. 因为, 有很多网站并没有对密码进行安全的存储和管理, 一旦出现问题, 黑客能够很容易的恢复出你的密码. 犯下这种错误的甚至包括很多知名网站, 例如Apache, Plenty Of Fish 和 GoDaddy. [...]

By: Adrian

Adrian — Mon, 06 Sep 2010 13:57:43 +0000

I'm thinking that too. But if it was NOT in the contract, it's basically breaking and entering.

By: Adrian

Adrian — Mon, 06 Sep 2010 13:51:08 +0000

From your logic, a landlord has the right to barge in to your rented home at any time.

By: Anonymous

Anonymous — Fri, 16 Apr 2010 09:56:27 +0000

http://tools.softsutra.com/locip/index.php >> Get Ip Address & Location Of A Person….Best Tool I Found To Get Some One's Computer Information… X

By: paul

paul — Thu, 25 Mar 2010 16:20:35 +0000

i moved to gandi since i discover bad issues from godaddy reading one day in nmap.org, after this i think i was totally righ migrating from then

By: Anonymous

Anonymous — Tue, 09 Mar 2010 23:36:25 +0000

Former GoDaddy Investigator here. Did you read your Terms of Service. GoDaddy reserves the right to access your dedicated hosting box at any time for any reason and yes they do encrypt customer passwords. What you experienced is not out of the norm. They've got thousands of dedicated hosts all crammed together on the same network and are charging you a fraction of what it would cost for you to have your own truly private box on your own truly private network. The reason they wanted to investigate your box is because it strange or large amounts of traffic was detected to or from you box. Granted, it's legitimate… but they won't know that without investigating.

There are a lot of bad people out there who use stolen credit card numbers to get dedicated hosting boxes and use them for malicious purposes. Any not having any right to investigate, would result in absolute chaos. Imagine if they didn't investigate anything. I can guarantee your box would be under a DoS attack from another dedicated host right now, or the network would be completely congested with port scan, or your box could be infected or compromised leading to other customers getting infected or compromised. It's for the greater good my friend. A word to the wise, be nice to them and explain what the traffic is… There are no-name hosting providers that don't give a ****. Those hosting providers typically can't brag about 99.9% uptime because so often they have botnets and infections running wild. Think on that a bit…

By: Anonymous

Anonymous — Thu, 04 Mar 2010 03:57:48 +0000

Switch to Linode .

By: Anonymous

Anonymous — Fri, 26 Feb 2010 09:45:45 +0000

I have never had a problem with linode.com doing anything like this. I'm not sure if your VPS is considered managed or not, but if not, I would drop them like a hot potato.

As it is Godaddy lost me as a customer several years ago due to their abusive customer service reps.

By: Anonymous

Anonymous — Fri, 26 Feb 2010 06:04:09 +0000

Someone got first but I'll say it again:

linode.com