Back End security issues with Websites and Email Servers

[marge_rohr]

Talking about websites and blog sites; I don’t know what questions to ask when talking about the “back end” of any site your going to use. For example, GoDaddy is where my domain name is. What can they access of my private emails and let’s say website if directed there? Same as, let’s say WordPress or others? You are loading up your info on their platform right? So is anyone else concerned about the access they may have to you and your clients communications and information? I have already had someone use one of my images that was not authorized. Makes me think about more possibilities?? Any thoughts?

[Rick Bortnick]

Things to consider:

 

1 - GoDady is a "host" which makes you their "guest".  As to what they can or can not do ... that is all spelt out in very intricate detail under their EULA (or equivalent). You did read it ... right?

2. As to their ability to access your communications and information ... well ... what makes DoDaddy different from your internet provider?  They have the same ability to access your communications, information, and also websites you go to, etc.  Are you worried about them? (You did read the EULA/fine print when you signed up for service ... right?)

3. Many of us have had images stolen/used without permission. If it is an organization write to them, If it is a hosted site write to the host, that worked for me.

 

Just a few thoughts

[PapaTango]

I am guessing that your account with GoDaddy is on a shared server hosting plan.  In the past years I have had experience with GoDaddy simply as a domain registrar.  Never would I consider hosting with them.  But, that's just my opinion.

System admins can see anything that is in your account's "root" storage space.  They would hardly have the time or interest unless your operations or content creates some sort of stir--internally or externally.  Consider that in a single shared server on a multi-server blade rack may host dozens to a hundred different accounts.  They are often assigned a single IP number--so your IP is the same as all of the others.  If one becomes a bad actor for some reason--you along with others can be put on the naughty black list.

SSL certificates are the most important thing in securing email and websites.  This is where the https:// over http:// comes from.  An increasing number of browser and antivirus solutions will try to block simple http:// sites now, and having one increases search engine rankings.  GoDaddy's Economy plan teases account holders with a "free' certificate that after one year renews for $99.  Don't do it.  From Deluxe to Maximum plans, it continues to be free--but there are some proviso's in the certificate itself.  Never buy the cheapest plan with any bulk host as you will often find it oversold, filled with sketchy sites being hosted--all of which can affect your performance and reputation.

GoDaddy and HostGator are also famous for security exploits in their shared servers.  One bad apple infects the barrel.  Poor malware protection in shared accounts is common.  These accounts are also often the brunt of Brute Force attacks which slow down or manage to hack into your site(s).  As with any site, vulnerabilities in whatever platform you are hosting (WordPress, Joomla, or other) can let the 'black hats' in.  DDoS protection is often sketchy as well.

As to internal snooping, system administrators must be able to access things in your account to administer or correct issues. But with email servers in your account, these are not kept as 'files', rather as part of a table in a MySQL or Maria database.  This is also where all the settings and text information you add to your site lives.  If you have several domain sites, PLEASE never use the same database for more than one site.  Not is that hard to maintain, but if there is a database problem for any reason--it will affect all your sites.

Google is your friend.  Start by looking at what GoDaddy says they offer, and then learn more about that and their reputation elsewhere.  Then you are a bit more informed and can make happier decisions.

I have had clients that have had bad experiences with GoDaddy.  I have had bad experiences with HostGator.  Several of them.  My experience with InMotion Hosting has been very good--in both their VPS and Shared plans.  Cost is always a consideration so look for specials.  And never, never get the cheapest solution.  You do indeed get what you pay for...