Like many companies that have experienced security breaches this year, GoDaddy was just added to the list.
According to Tech Crunch, the well-known domain name registrar experienced a breach that exposed the data of over 1 million of its customers. Because GoDaddy had to disclose the security breach to the SEC, the information is now publicly available and well-documented online. The issue first occurred in early September and appears to be isolated to GoDaddy’s Managed WordPress Hosting product.
What is Managed WordPress Hosting?
Hosting companies like GoDaddy and WPEngine offer complete managed plans for WordPress sites. These managed plans, like GoDaddy’s managed service, make it easy for hosting providers to update plug-in and theme files on a website. And because WordPress operates close to 33% of websites online, many people sign up for these hosting plans.
Managed Hosting vs. DIY Hosting
Anyone can sign up for a hosting account through any of the many hosting providers online. Companies like Host Gator, Bluehost, GoDaddy and Host Monster offer entry-level hosting plans that make it easy for any novice WordPress web developer to start hosting a site. However, any of these DIY plans require the web developer to know how to manage a WordPress environment. This entails updating PHP versions, updating core WordPress files, theme files and plug-in files. If you’re not familiar with website maintenance and running diagnostics on a site, you may quickly find yourself puzzled trying to set up a site. For this reason, companies offer slightly more expensive options to manage the process for you. On a plan like GoDaddy’s Managed WordPress Hosting, there are tools and processes in place to keep your website updated and secure. Theme and plug-in files are checked anytime an update is required, and any issues are noted in GoDaddy. A managed plan makes it easier for the business owner who doesn’t have the time or experience to manage a site.
What You Can Do About the Security Breach
If you currently host your website through GoDaddy’s Managed WordPress plan, first thing is first: change your password. Your GoDaddy password is the key to your account and may have been compromised. Change your password as soon as possible and consider two-factor authentication. It may be annoying to have to provide a passcode every time you log into your account, but it will help keep things secure.
Next, take a look at your WordPress site to make sure everything looks as you expect it to. Jump onto your website’s backend to identify any outdated plugin or theme files. Make a backup of the site and then update everything you need to. Lastly, consider a security and/or firewall plug-in for your website. This will further ensure it is protected from any unwanted issues. Certain plug-ins will notify you as soon as someone tries to log into the site and will inform you of where they are coming from.
Should You Move Away from GoDaddy?
While this situation is unfortunate for GoDaddy’s customers, the reality is that it can happen to any company. Even if you choose to move your domains and website hosting to another company, there’s always a chance that they could be next to get hacked. Go ahead and evaluate your options and the time it would take to move your website to another provider, then decide if it’s the right time to move to another company.