How Web Hosts Exposed Your Data & We Fixed It

Posted on March 5, 2021March 6, 2021Categories UncategorizedTags , , , , ,
An image of a chalkboard that says web hosting.
The words web hosting on a picture

This is a piece to show you what happens and has happened behind the scenes here at Planet Zuda to help the cyber security of the world.

The year we are discussing is 2010. Bitcoin had been invented a year prior so, this was a different era. Everyone cared about their website, but we were more interested in the security or lack thereof, of the webhosts for websites.

A company named after a color and that hosted websites didn’t keep their servers secure. You could find command line access to some of their server instances by google dorking. They did not respond to emails, they did threaten to sue us by voice, however. This was common place in this time period, but they never sued.

The lack of security of this one web-host got us looking into every web-host. Almost every single web-host in that time period leaked databases onto google.

We & GoDaddy Secured Your Data On Other Hosts

We teamed up with GoDaddy and their CISO Todd Redfoot. GoDaddy was very competent with their security and they became one of our clients. Basically the best client for this situation, that we could hope for.

Once we teamed up with GoDaddy, we contacted every single webhost via proxy of Godaddy’s security team. We were able to tell them how their server files were exposed right down to /bin/, to databases. There are two web-hosts that had good security posture during this era, lunarpages and MTMII. MTMII is a web-host our founder volunteered with.

Webhosting was the wild wild west for cyber-security, as there were no consequences for insecurity at that time except for negative articles. Still Many webhosts fixed their security posture when issues were reported to them by Godaddy. They did tighten up their security over the next 2 years of us working with Godaddy.

Now web hosts are way more secure, so you can’t just google dork and find their info in Google cache. Google dorking is completely legal, so all this info was legally available.

We hope you find these articles interesting and informative.