See the updates below.
When most people hear the name GoDaddy, they probably think of racy Superbowl ads and maybe think of web site hosting and domain names (you know, what the ad is selling). Some of you may even know that they were having some major problems today. Or you may know that you weren’t able to access a web site or two. Or you may have lost a little hair trying to figure out why YOUR web site was down.
What was the problem?
According to posts on Twitter, it appears that a member of Anonymous attacked GoDaddy’s infrastructure this afternoon (http://techcrunch.com/2012/09/10/godaddy-outage-takes-down-millions-of-sites/). It appears that the attack was targeted at their Domain Name System (DNS) servers. DNS is the method used to translate domain names (i.e. www.mycompany.com) to Internet Protocol (IP) addresses (i.e. 220.127.116.11). These addresses are used by computers to find the servers that host the web site that you’re looking for.
As cyber-attacks go, this was probably the most visible way to hit GoDaddy. Why?
Although GoDaddy has lost lots of customers over its various controversies, bad service, and aggressive business tactics, they still host a lot of web sites. However, what they host far more of is domain names. Many people will buy their domain name from GoDaddy, but run their web site on their own server or with another company. So, attacking GoDaddy’s web servers might inflict a lot of damage, but attacking their DNS servers causes much more pain for customers.
Some people say “so what … some small businesses web sites are down for a while.” If that were the case, I’d agree. However, DNS being offline can cause a lot more headaches than just your web site being down.
For instance, when you send an e-mail to firstname.lastname@example.org, how does your e-mail server know how to find mycompany.com’s e-mail server? Through the DNS system. How do remote employees connect to their offices? Probably through a VPN, that they access via a domain name like vpn.mycompany.com. If a business needs to transfer files to a client, they probably host the files on their FTP server and tell the client to connect to ftp://files.mycompany.com. But if there’s no DNS, how do the computers translate those names into the numerical addresses that they understand?
So DNS services being offline is a big deal for organizations that buy their domain names through GoDaddy. I don’t know GoDaddy’s statistics, but I know that it’s not just mom-and-pop shops that buy their names through GoDaddy.
How can I prevent this for my domain?
Don’t put all of your eggs in one basket. If you do need your DNS for more than just your web site, make sure that it can be available even if one provider goes down.
For instance, you may host your web site with GoDaddy and they also manage your DNS. You can also get a second DNS, like Amazon’s Route53, as a backup. In your DNS settings on GoDaddy, you’d enter Amazon’s DNS server information in addition to the GoDaddy information. That way, if the GoDaddy servers are inaccessible, DNS clients will look to the Amazon servers for your information.
Keep in mind that this means when you make a DNS change (which probably isn’t all that often), you will have to make it in both places or else you’ll end up with problems.
Also remember that if GoDaddy is having problems with the web servers instead of DNS (or in addition to DNS), this won’t help your web site stay available, but it will keep your domain names available for all other functions.
[9/10/2012 @ 8:19pm EDT]
Apparently to get back online, GoDaddy has moved their DNS service over to competitor Verisign (http://www.wired.com/wiredenterprise/2012/09/godaddy-moves-to-verisign/?utm_source=twitter&utm_medium=socialmedia&utm_campaign=twitterclickthru).
[9/10/2012 @ 8:26pm EDT]
It looks like the “we’re having problems” splash page is gone from GoDaddy’s main web site and the normal site is back is place.
[9/11/2012 @ 1:15pm EDT]
This morning, GoDaddy released an official statement. They insist that the issue was not caused by a distributed denial of service (DDoS) attack, as a member of Anonymous had claimed, but was instead caused by “a series of internal network events that corrupted router data tables.” They also point to the fact that they have maintained 99.999% uptime on their DNS infrastructure. Assuming that they have had no other DNS outtages in the past year, this is correct, as they were down for approximately six hours yesterday and “five nines” allows for about eight hours and forty-five minutes of downtime in one year period.