So I have already posted one time about what happened to me a few days ago.
I was working with my programmer on my sites and I woke up in the morning and they were all gone
403 page on all of them
I call Godaddy and they tell me some files are missing
Since I did not take the back up as I was supposed, I had to do a restore at the cost of $200.
Plus, I even lost much of the work recently done
I asked Godaddy to tell me the IP from where the last changes have come through but Godaddy will not tell me for "privacy" reasons.
I have still to understand whose privacy is Godaddy going to protect, since it is not mine, maybe they want to protect the privacy of the hacker who apparently hacked my site?
Matteo from Japan
Sorry to hear about your situation with your website being compromised. However, I did want to address your concerns of the I.P. address. In most cases the I.P. it self will usually come from a proxy server and will not give factual information as far as were the compromise actually occurred from.
With that said, many CMS applications have I.P. loggers and can be used to block and restrict I.P. ranges as well as track I.P. traffic. As the responsibility of the security of the website belongs to the website owner it is important to research these options and take the necessary precautions in order to avoid future compromises from occurring.
Hope this helps!
If the IP address is useful or not it is my business to decide
Why you are not disclosing?
Matteo from japan
MAtteo, the EXACT same thing happened to me two weeks ago.i woke up and there's not a trace of anything left in my CPanel, it makes me wonder what's going on at Go Daddy. CPanel is supposed to be sacred. ??? My sites were unrecoverable despite the money..frankie. Ps..they told me they weren't able to give me the IP address of the hacker..maybe there wasn't a hacker but internal error
We cleaned it up, reinstalled and upgraded Modx, purchased security package from GoDaddy and now again we just received notice from Google that hacked content has been detected on our site.
What more can we do?
Is there a way to figure how the hack is happening? Maybe a compromised computer that is accessing the Modx manager?
P.S. On our SiteLock dashboard, in the scan settings how should we set the scan settings? It says that it will use up bandwidth if we set the scan to run daily. What is the best setting for these scans? Monthly, weekly, or daily?
We've just had the same issue... wake up and most of our code is missing, we suspect an ex developer, but Godaddy says there's been no activity in our account. The changes between our test site and our live site are dramatic. It's now in the hands of our lawyers, maybe he'll get some answers
Makes me wonder if it's not a ploy by GoDaddy to sell additional products. Hum.... It's hard to trust ANYONE these days.