I moved all of my domains (60+) from them to Namecheap after they killed off Fyodor's seclists.org domain without any warning.
Before that I had sampled their virtual domain hosting accounts, and unfailingly found their tech support to be clueless.
I got hit this morning with the exact exploit mentioned here. I was able to clean out the codebase and get a half-working site back up just so I could close it out properly. I felt awful: I was keeping everything up to date and following security best practices, and I couldn't figure out what had gone wrong. This article is making me completely rethink GoDaddy as a host; Namecheap will probably be getting my business pretty soon.
What's even more disheartening is that until this point I had never really had a reason to dig into the WordPress code. When I did, I found ridiculous "easter eggs" that to my well-trained PHP eyes looked like malicious code. It wasn't until I verified that it was release code and was meant to look that way that I realized it wasn't part of the exploit. Take a look at wp-admin/revisions-js.php and tell me it doesn't look like some dirty exploit is hiding in there.
I understand your frustration with being stonewalled by GoDaddy support, but look at it from their end. Unless you can prove it's a vulnerability in their service, why should they take action?
This is something that they could have seen in about 2 minutes of opening the http file and visually scanning the few hundred requests prior to the file in question being created.
Why should they take action? Really? You're replying as if "taking action" means something more than not ignoring potentially actionable information.
Btw... they do not make any of the other logs available to their tech support, let alone their customers. They should look into it because only they can look into it. To suggest that they were in the right in not at least checking it out seems an odd stance to take, tbh.
Who uses GoDaddy for anything besides DNS?
After the headache that the GoDaddy vulnerability caused, they sent me the exact same bullshit about updating WordPress. I have and always have updated WordPress and plugins within days of a new release.
GoDaddy is for registering domains only; I learned that the hard way last weekend...
Also, I was in contact with a couple of people making money off of the base64 vulnerability: they have packages specifically for cleaning and securing the install. What's funny is that they have no way of securing it, just temporarily cleaning it until it gets hacked again. The article has some advice and you can check out their services:
http://www.wpsecuritylock.com/cechriecom-com-script-wordpres...