MESSAGE
DISCLAIMERS HEADER
DISCLAIMERS
Canada
  • Name & Protect
  • Build & Grow
  • More
  • Domain Names
  • Search for Domain Names
  • Transfer Domain Names
  • Protect Domain Names
  • Browse Domain Names
  • Auctions for Domain Names
  • Generate Domain & Business Names
  • Investing in Domain Names
  • Find a Domain Owner (WHOIS)
  • Protect & Secure
  • Protect Against Malware & Attacks
  • Secure Your Website (SSL Certificates)
  • Back Up Your Website
Nav Variantb Nameandprotect 01 2X Learn More About Domains Nav Variantb Nameandprotect 02 2X Learn About Security
  • Websites & Stores
  • Website Builder
  • Online Store Builder
  • Let Us Make Your Website
  • All Hosting Options
  • Web Hosting
  • WordPress Hosting
  • Manage Clients & Their Sites
  • Connect & Grow
  • Email & Office 365
  • Digital Marketing Suite
  • See Our Latest Deals
Nav Variantb Buildandgrow 01 2X Explore Website Options Nav Variantb Buildandgrow 02 2X Learn to Grow Your Business
Contact Us 24/7

Keep your business open during COVID-19

Learn More

Call Us

Call our award-winning sales & support team 24/7
1-866-938-1119

Global Directory
Phone numbers and hours

We are experiencing high volume today, and as a result, you may experience longer than usual wait times.

Help Center

Explore our online help resources

Get Help

Blog Help

Notifications

  • You have no notifications.
    They'll be here when you get 'em.

Sign In
Quick Links
  • Control Panel Links:
  • Manage Domains
  • Manage Website Builder
  • Manage Hosting
  • Manage SSL Certificates
  • Manage Email
  • Inbox Links:
  • Office 365 Email Login
  • GoDaddy Webmail Login
Registered Users

Have an account? Sign in now.

Sign In
New Customer

New to GoDaddy? Create an account to get started today.

Create My Account
{{displayName}}
Customer #:{{shopperid}} | PIN: View
  • GoDaddy Pro
  • My Products
  • Account Settings
  • Renewals & Billing
Visit My Account Log Out
Checkout Now
GoDaddy

COORDINATED VULNERABILITY DISCLOSURE POLICY

Coordinated Vulnerability Disclosure

GoDaddy encourages researchers to work with us on potential issues in our services or on our website. In order to encourage researchers to work with us, we agree that if, in our sole discretion, we conclude that a disclosure meets all of the guidelines of the GoDaddy Coordinated Disclosure policy, GoDaddy will not bring any private or criminal legal action against the disclosing party.

Non-Qualifying Vulnerabilities

Any domain not contained within GoDaddy is out of scope for the purposes of the Coordinated Vulnerability Disclosure, as is all hosted customer content and third-party programs and plug-ins.

The following actions do not qualify for Coordinated Disclosure and should not be tested by researchers participating in the Program:

  • DoS, brute force, user enumeration or DDoS attacks
  • Physical attacks
  • Phishing attacks
  • Any bug that relies on Social engineering
  • CRIME/BEAST attacks
  • Logout CSRF
  • Banner or version disclosures
  • Missing SPF records
  • Directory listing (unless sensitive data can be found)
  • Blackhat SEO techniques
  • Any bug that relies upon an outdated browser

GoDaddy will not accept reports from automated vulnerability scanners.

Qualifying Vulnerabilities

GoDaddy will accept a report of any vulnerability that substantially affects the confidentiality or integrity of any eligible GoDaddy service. Eligible vulnerabilities include, but are not limited to:

  • Cross Site Scripting (XSS)
  • Authentication and Authorization Flaws
  • Cross Site Request Forgery (CSRF)
  • Remote Code Execution
  • SQL Injection
  • Directory Traversal
  • Click-jacking
  • Privilege Escalation

Suggestions for Good Reports

  1. The more detailed your steps for reproducing the bug, the better. This should include any pages that you visited, user IDs, links clicked, etc.
  2. Videos and images are always useful but are even more useful if accompanied by a description.
  3. Exploit code that consistently works can allow us to verify your vulnerability more quickly.
  4. Remember – details, details, details!

Confidentiality

Any information that you collect about GoDaddy, GoDaddy employees, or GoDaddy customers (“Confidential Information”) through the Coordinated Vulnerability Disclosure program must be kept confidential and may only be used in connection with the Program. You may disclose vulnerabilities only after proper remediation has occurred and you may not disclose Confidential Information without GoDaddy’s prior written consent. Any disclosure of Confidential Information outside of this requirement will result in immediate removal from the Program.

Legal

By participating in GoDaddy ‘s Coordinated Vulnerability Disclosure, you acknowledge that you have read and agree to GoDaddy’s Universal Terms of Service Agreement and Privacy Policy.

Your testing must not violate any law, disrupt services, or compromise any data that is not your own.

We love taking your call.

GoDaddy guides GoDaddy guides

  • About GoDaddy
    • About Us
    • Contact Us
    • Newsroom
    • Investor Relations
    • Careers
    • Trust Center
    • Legal
    • GoDaddy Blog
  • Support
    • Product Support
    • Community
    • Report Abuse
  • Resources
    • Webmail
    • WHOIS
    • ICANN Confirmation
    • Designers & Developers
    • Redeem Code
    • Product Catalog
    • Site Map
  • Partner Programs
    • Affiliates
    • Reseller Programs
    • GoDaddy Pro
  • Account
    • My Products
    • Renewals & Billing
    • Create Account
  • Shopping
    • Domains
    • Websites
    • WordPress
    • Hosting
    • Web Security
    • Email & Office
    • Promos

Canada - English
Choose your Country/Region
  • Argentina - Español
  • Australia - English
  • België - Nederlands
  • Belgique - Français
  • Brasil - Português
  • Canada - English
  • Canada - Français
  • Chile - Español
  • Colombia - Español
  • Danmark - Dansk
  • Deutschland - Deutsch
  • España - Español
  • Estados Unidos - Español
  • France - Français
  • Hong Kong - English
  • India - English
  • India - हिंदी
  • Indonesia - Bahasa Indonesia
  • Ireland - English
  • Israel - English
  • Italia - Italiano
  • Malaysia - English
  • México - Español
  • Nederland - Nederlands
  • New Zealand - English
  • Norge - Bokmål
  • Österreich - Deutsch
  • Pakistan - English
  • Perú - Español
  • Philippines - English
  • Polska - Polski
  • Portugal - Português
  • Schweiz - Deutsch
  • Singapore - English
  • South Africa - English
  • Suisse - Français
  • Suomi - Suomi
  • Sverige - Svenska
  • Svizzera - Italiano
  • Türkiye - Türkçe
  • United Arab Emirates - English
  • United Kingdom - English
  • United States - English
  • Venezuela - Español
  • Việt Nam - Tiếng Việt
  • Ελλάδα - Ελληνικά
  • Россия - Русский
  • Україна - Українська
  • الإمارات العربية المتحدة - اللغة العربية
  • ไทย - ไทย
  • 대한민국 - 한국어
  • 台灣 - 繁體中文
  • 新加坡 - 简体中文
  • 日本 - 日本語
  • 香港 - 繁體中文
CAD
  • Legal
  • Privacy Policy
  • Advertising Preferences
  • Cookies
Copyright © 1999 - 2020 GoDaddy Operating Company, LLC. All Rights Reserved. The GoDaddy word mark is a registered trademark of GoDaddy Operating Company, LLC in the US and other countries. The “GO” logo is a registered trademark of GoDaddy.com, LLC in the US.
Use of this Site is subject to express terms of use. By using this site, you signify that you agree to be bound by these Universal Terms of Service.