GoDaddy is probably lying, they were hacked. Prior to this attack they were running some ancient version of PHP (5.1.something I believe), and now they are running a much newer version released this May - I last checked on this quite recently, the timing of this may be coincidental or it might be relevant. They are still running a version of CentOS from 2010 (5.5). Sites on their servers are frequently infected with malware.

When you run a high volume, low cost sort of host like this it is extremely hard to keep up on security and performance related issues being such a high profile target. This is probably one time when things slipped, which will happen from time to time with a company like this.

Whether or not you feel this can be excused, there are a number of better web hosting companies out there. Bigger is not necessarily better when it comes to web hosting.

I couldn't agree with you more.

While I don't refute the fact that there are WAY better hosting companies out there (Rackspace, for example), running an old version of linux (CentOS 5.5, in this case) isn't necessarily an indicator of how likely you'll be hacked. Linux isn't like Mac or Windows, where later versions of the OS are inherently more secure.

On the contrary, a Linux Server install ONLY has the bare minimum services installed for that server to do it's job. For example; SSH, Apache, and a few other things, but excludes a GUI or other interfaces found in a desktop OS that would introduce potential vulnerability vectors. Given that you can keep those packages updated independently of the OS, and upgrading to (say) CentOS 6.2 doesn't really provide any real advantage, there isn't always a really compelling reason to upgrade. Additionally, they may have developed a bunch of internal tools that works perfectly in 5.5 but breaks in 6.2.

In summery, a linux server is a completely different animal than most people know as computers with Windows or Mac.

-Rick

Originally Posted by _Rick_V_


While I don't refute the fact that there are WAY better hosting companies out there (Rackspace, for example), running an old version of linux (CentOS 5.5, in this case) isn't necessarily an indicator of how likely you'll be hacked. Linux isn't like Mac or Windows, where later versions of the OS are inherently more secure.
On the contrary, a Linux Server install ONLY has the bare minimum services installed for that server to do it's job. For example; SSH, Apache, and a few other things, but excludes a GUI or other interfaces found in a desktop OS that would introduce potential vulnerability vectors. Given that you can keep those packages updated independently of the OS, and upgrading to (say) CentOS 6.2 doesn't really provide any real advantage, there isn't always a really compelling reason to upgrade. Additionally, they may have developed a bunch of internal tools that works perfectly in 5.5 but breaks in 6.2.
In summery, a linux server is a completely different animal than most people know as computers with Windows or Mac.
-Rick

I realize all of this is true, my pointing out that they were running CentOS 5.5 was just intended to support the theory that their servers may be updated infrequently in general. In addition to the very old PHP that was installed and available until only just recently, their servers lack Git and rsync, and still support FTP (although I'll cut them some slack for supporting FTP, many hosts still do for reasons that have never been clear to me).

Also, while what you said is true, in the Redhat world it can be difficult finding a source of packages for recent binaries with an OS as old as CentOS 5.5. If they really had DNS security problems, for instance, it is likely that the recent packages of bind are not available in the CentOS 5.5 channel anymore. They could roll their own packages, maybe they do, but at this point it is probably easiest for a company like this to plan some sort of update strategy rather than building their own stuff in perpetuity and/or backporting kernel related fixes.