Now would be a good time for GoDaddy users to be on alert for suspicious emails asking them to log in to, say, confirm their details: if in doubt, go straight to the GoDaddy website.
HOW TO TEST TLS 1.2 ON A GODADDY SERVER UPDATE
Under Apache Configuration, you will update the SSL/TLS Protocols field and enter: All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 +TLSv1.3.
Last year it admitted to losing the SSH usernames and passwords for around 28,000 users.Ĭomes didn't say if any data had actually been exfiltrated from GoDaddy's servers, though did warn that the pairing of "email addresses and customer numbers" puts customers at risk of phishing. The steps are as follows You will need to access your WHM using your (root) user to get to the following location WHM Home-> Service Configuration -> Apache Configuration -> Global Configuration. GoDaddy's not exactly earning A+ grades so far. Please upgrade/update your client to support TLS 1. Youll also see the error message 421 4.7.66 TLS 1.0 and 1.1 are not supported. tsoHost pleads for 'patience and understanding' as sites borked, support sinkholed If you have issues sending and receiving emails or are using an older device, you may be affected by the end of support to TLS 1.0 and 1.1.Anonymous: We've leaked disk images stolen from far-right-friendly web host Epik.Web biz DomainFactory confirms: We were hacked in January 2018.GoDaddy hack: Miscreant goes AWOL with 28,000 users' SSH login creds after vandalizing server-side file."We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection," the exec added.
"We are in the process of issuing and installing new certificates for those customers." GoDaddy has not responded to a request for further details and exact numbers of users affected.
"For a subset of active customers, the SSL private key was exposed," Comes added.