While working on the hacked website, we accessed the phpMyAdmin database administration tool that GoDaddy provided and found a situation we can’t recall seeing before with a web host. That would be the SSL encryption was “broken” on the server hosting phpMyAdmin.<\/p>\n
If you access that in Google’s Chrome web browser the connection is listed as “Not Secure”:<\/p>\n
This site uses an outdated security configuration, which may expose your information (for example, passwords, messages, or credit cards) when it is sent to this site.<\/p><\/blockquote>\n When looking at the Technical Details of that issue with Firefox, it states:<\/p>\n Broken Encryption (\u200bTLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0)<\/p><\/blockquote>\n The domain name being used for that insecure server, secureserver.net, which isn’t an accurate name.<\/p>\n","protected":false},"excerpt":{"rendered":" One telling example of the web security industry’s lack of concern for security is how web host GoDaddy has continued to have rather poor security while first being partnered with one web security company, SiteLock, and then owning another one, Sucuri. An example of that poor security came up a few months ago while we … Continue reading “GoDaddy Hosting phpMyAdmin on Server With “Broken Encryption” With F Grade From SSL Labs”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[63],"class_list":["post-4740","post","type-post","status-publish","format-standard","hentry","category-bad-security","tag-godaddy"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4740","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=4740"}],"version-history":[{"count":6,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4740\/revisions"}],"predecessor-version":[{"id":4755,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/4740\/revisions\/4755"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=4740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=4740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=4740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2021\/07\/not-secure.png\")
<\/a>You are warned that “Your connection is not fully secure” and that:<\/p>\n![\"\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2021\/07\/your-connection-is-not-fully-secure.png\")
<\/a><\/p>\n![\"\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2021\/07\/technical-details.png\")
<\/a>If you run that address through the SSL Labs tool<\/a>, the server gets an F grade:<\/p>\n![\"\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2021\/07\/ssl-labs-results.png\")
<\/a><\/p>\n