Showing results for 
Show  only  | Search instead for 
Did you mean: 

GoDaddy shared Windows hosting compromised

Something in the GoDaddy shared Windows hosting server my site uses has been compromised. Some other site on the same server has been hacked, and that hack is then compromising my site and hosting, and almost certainly others on that shared hosting as well.

In short, my blog uses ASP.NET (*not* PHP), my web.config file is being altered by some process to force a call to an added obfuscated PHP file, which then redirects visitors to various other dodgy sites (eg, pharma sites).

Rather than write it all down here, or even try and phone up and explain it to support, I've written it up as a detailed post on my blog. I've even de-obfuscated the added PHP file there.
GoDaddy shared Windows hosting compromised



I recently (19/03/2019) encounterd exactly the same problem with our website.
How is it possible that the web.config file is accessible by hackers?