So hundreds of thousands of websites went down a couple of weeks ago when GoDaddy took a big ol dump through its DNS servers. Many of our clients (and possibly some of our newsletter subscribers and/or blog followers) have been wondering what exactly happened, how it can be prevented, and what the heck is a DNS server anyway? Here i will try to answer those burning questions.
Basically GoDaddy's DNS servers stopped working. That means that if anyone was using the GoDaddy system to point their domain to a host, the domain stopped pointing and therefore the website was "down".
How did this happen?
Oddly enough, there is some debate on that subject. At first the head hacker with the group anonymous who calls him/herself anonymousown3r claimed responsibility. However, Godaddy's CEO denies that claim in a blog post on Tuesday after the outage. Instead, he claimed it was caused by network issues.
“The service outage was not caused by external influences,” wrote GoDaddy’s Scott Wagner. “It was not a ‘hack’ and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables.”
Wagner also stressed that “at no time was any customer data at risk or were any of our systems compromised.”
That is all well and good, but there weren't alot of people who were worried about their personal information being lost or stolen... they were worried about their websites being down. Personally i think the whole statement by the CEO was smoke screen because if it was a DDoS attack, then godaddy was caught with his proverbial pants down. If Godaddy didnt have a plan to deal with something like this (and they obviously didnt) then everyone who uses them needs to be worried.
What is a DDoS Attack?
This wikipedia article goes into much more detail, but basically it is where some evil-doer decides to take down a website and programs a robot (or more likely several robots) to visit the website in question millions of times a second. This typically overloads the servers and causes them to shut down because they cannot keep up with the demand being placed on them. A DDoS attack is almost impossible to stop when it is focused on one website, but when it involves a whole DNS system there are ways to circumvent the issue until the attack stops. That is why anyone who uses GoDaddy should be worried... they should have had a plan to keep this from happening throughout their whole system which includes 14 (i think) different data centers throughout the world. They actually had to use a competitors system to get their own site back up and that is probably the most damning thing that happened.
What is DNS?
DNS stands for Domain Name System. It is what the big computer in the sky uses to figure out what server to send someone to when they click on or type in a domain name. To put it in very basic terms (see the wikipedia article for more details), each website is just a bunch of files sitting on a computer (called a server or host) that are displayed (or parsed) in a browser such as Internet Explorer or Chrome so that a human can look at them and make sense of them. Every server has an IP Address such as 192.168.1.1 or something similar - kind of like your phone number. Rather than trying to remember those numbers, DNS allows us to remember a domain name such as your-web-guys.com and just sends the browser to the correct IP address that that domain points to. It is a little more complicated than that, but you get the idea. So when GoDaddy's DNS system went down, nobody knew where those domains were pointing... even if they were not pointing to a Godaddy server. In other words if your domain was registered with Godaddy and you are using their DNS, even if your host is not GoDaddy, your website probably went down. The way to tell if your website is using their DNS is to check the whois data for your domain. If the domain servers listed are something similar to NS21.DOMAINCONTROL.COM then you are at risk.
How can I prevent this affecting my website?
Well, first of all you can have us be Your-Web-Guys 🙂 None of our clients were effected by the outage because we never EVER go through GoDaddy for much of anything. They are typically the cheapest, but we have found in the past that they are simply not reliable for many services. Of course, if we are not Your-Web-Guys, we can still help somewhat. Here are the instructions that mashable published in this article:
As soon as GoDaddy returns, you might be interested in switching to a new registrar. This is how:
Login to your GoDaddy account and head to the "Domain Management" section. This will open up a page that allows you to manage your various domain names.
Domain names are locked by registrars by default so that nefarious parties can't transfer a domain out from under the real owner. However, in order to transfer a domain to a new registrar, you must first unlock the domain.
After unlocking your domain, the next step is to get the authorization (sometimes called an AUTH, ACK or EPP code) code to bring to your new registrars.