undefined | Better HN

0 pointsdrivebyacct213y ago0 comments

I don't know as I didn't set it up, but I've used shared cpanels in the past and they give you one-click WordPress installs and advertised as a "one-click full solution".

Either way, when it came down to it, one of their other shared clients were compromised and their sandboxing was rather insufficient leading to most of the clients on that box having some sort of malware installed. I'm sure the person in question was targeted because it looked like a standard install and frankly, if I was targeting shared hosting providers, I'd create my malware to be easy to integrate with WordPress.

I hope that makes it more clear why I find it to be GoDaddy's fault. In the end of the day, they understood what was wrong, apologized and fixed it.

0 comments

watty13y ago

Well here's how it works. GoDaddy and all other host's "one-click" is installation only. It doesn't auto-update your WordPress install so yours likely contained an old security exploit and was easily hacked. This is by design, it would be bad to install a WP theme and then have your website broken because it auto-updated WP.

Even so, you never answered my original question. How'd you determine it was a sandboxing problem rather than your own WordPress installation being compromised? Seems even less so considering you didn't realize you had to update WordPress yourself.

drivebyacct2OP13y ago

Yes, I did answer.

They. Told. Me. It. Was. Their. Fault.

j / k navigate · click thread line to collapse