Coordinated Vulnerability Disclosure
As a company focused on empowering everyday entrepreneurs, GoDaddy is passionate about security and understands the importance of addressing security issues.
Every day, we deploy new features and enhance our products and website. We have processes in place - as well as a 24/7 security team - to protect our customers. We also know that no system is bullet-proof. Edge cases, unique scenarios and external dependencies sometimes make it possible to sneak through.
So, if you find an issue, please don't stay silent. Let us know immediately. This not only protects you, but the rest of the internet as well. Even if you're uncertain it's a real security issue, please contact us anyway.
What do I report?
Report anything you think is worth reporting. We'd much rather have you send us a non-issue than have us miss a potentially threatening issue.
Lifehacker put together some great tips on reporting an issue, such as...
- Document the steps you took to cause the issue.
- Write down or take screen shots of pop-up boxes or error codes.
- Make sure to include your browser and operating system (Microsoft Windows, Mac OS X, Linux).
- Provide valid contact information in the event we need to contact you for follow-up questions.
How do I send a report?
It's easy, just take the information listed above and email to firstname.lastname@example.org.
Our security team reviews every message that comes in and they will respond if further information is needed.
What happens next?
Our team will jump in and start the investigation. If they have any questions for you, they will reach out. After the investigation is completed, they will either fix the problem - or close the issue.
If you found a particularly important bug, you may be eligible for our Hall of Fame.
Thank you for helping to keep GoDaddy a safe and secure website, as well as the entire internet community.