Operation Cleanup GoDaddy

Status: In progress — sweetcakesandroses.com fully migrated + HTTPS live; all 7 databases deleted; imagemadedesign.com on Cloudflare (NS propagating); EverydayPotential blocked on client decision; Google Sheet updated 2026-03-26 Goal: Audit all sites on GoDaddy, migrate active ones, shut down the hosting account entirely.

Current State (as of 2026-03-26, updated evening)

imagemadedesign.com — Cloudflare Setup (DONE)

• Cloudflare zone: Created, Free plan, Zone ID 51305a61618061fbf4d97d8f8940a79f
• Nameservers: Updated in GoDaddy API → ace.ns.cloudflare.com + aida.ns.cloudflare.com (propagating, 1-24hr)
• Email Routing: Enabled, status: ready
• mike@imagemadedesign.com → kristin.dekay@gmail.com ✅
• kristin@imagemadedesign.com → kristin.dekay@gmail.com ✅
• info@imagemadedesign.com → kristin.dekay@gmail.com ✅
• ⚠️ Destination address pending verification — Cloudflare sent a verification email to kristin.dekay@gmail.com; she must click the link before routing goes live
• MX record: Removed old M365 MX (imagemadedesign-com.mail.protection.outlook.com); Cloudflare added its own routing MX records
• SPF: Updated to v=spf1 include:_spf.mx.cloudflare.net ~all
• Website: A records still point to GoDaddy parking IPs (3.33.251.168 / 15.197.225.128) — needs redirect rule to grainandmortar.com once NS propagates
• Pending: Cancel GoDaddy Email Essentials Basic (3 mailboxes: mike@, kristin@, info@)

Current State (as of 2026-03-26)

Hosting Account

• Server: p3plzcpnl506184.prod.phx3.secureserver.net
• cPanel URL: https://p3plzcpnl506184.prod.phx3.secureserver.net:2083
• cPanel user: uwe0rc3gjsnb
• Primary domain: imagemadedesign.com
• Shared IP: 23.229.192.3
• cPanel access method: Browser session (no SSH yet — password auth failed, key auth not working on this plan)

What's Left in public_html

As of end of 2026-03-26 session, public_html contains only:

EverydayPotential/   — WordPress 3.1.2 (ancient), active addon domain, awaiting client decision

SweetCakesandRoses deleted via cron after successful GitHub Pages migration. All other legacy content (~35 directories, malware files, orphaned client sites) deleted earlier same day.

Backups Created (on server at /home/uwe0rc3gjsnb/)

• public_html_backup_2026-03-26.zip — 503 MB full backup of everything before cleanup
• EverydayPotential.zip — 8.8 MB (also saved to Eric's Desktop)
• EverydayPotential_db.sql — 1.9 MB DB dump (also saved to Eric's Desktop)
• SweetCakesandRoses.zip — 9.4 MB (also saved to Eric's Desktop)

Pending Decisions (Blockers for Account Closure)

1. EverydayPotential

• Domain: everydaypotential.com (registered in GoDaddy, expires 2026-11)
• Platform: WordPress 3.1.2 (2011 — extremely outdated, security risk)
• DB: eve1033108370967 / Everdayp1 / localhost
• Email: Microsoft 365 (already off GoDaddy)
• Status: ⏳ Waiting to hear from client on hosting preference
• Options discussed:
• Convert to static HTML (scrape with wget) → host free on Netlify/Cloudflare Pages/GitHub Pages
• Keep as WordPress → free hosts exist (InfinityFree, 000webhost) but unreliable
• Key question: Does client need to log in and edit content? If not, go static.

2. SweetCakesandRoses ✅ MIGRATION COMPLETE

• Domain: sweetcakesandroses.com (registered in GoDaddy, expires 2028-02, expiration + transfer protected)
• Platform: Static HTML (NOT WordPress) — about, cakes, catering, contact, flowers, decorations pages
• Email: Microsoft 365 (already off GoDaddy hosting) — ⏳ pending decision (see below)
• Status: ✅ Live on GitHub Pages, DNS propagated, files deleted from GoDaddy hosting
• GitHub repo: https://github.com/ericdowns/sweetcakesandroses
• DNS: A records → GitHub Pages IPs (185.199.108-111.153); www CNAME → ericdowns.github.io
• HTTPS: SSL cert at authorization_created state as of 2026-03-26 evening — auto-provisions shortly (Let's Encrypt via GitHub)
• GoDaddy files: Deleted via cron job 2026-03-26

Email Decision Pending

Current M365 setup may be through GoDaddy. Two options discussed: - Cloudflare Email Routing (free): Same as imagemadedesign.com — forwards inbound to their Gmail. Can't send from domain address. - Google Workspace ($6/user/month): Full mailbox, send + receive from domain. Clean, no GoDaddy dependency. - Key question: Does client actively send from their domain email? If yes → Google Workspace. If just inbound → Cloudflare routing.

Work Completed 2026-03-26

Hosting Discovery

• Accessed cPanel via Chrome MCP (browser session)
• Used cPanel UAPI (JavaScript fetch with credentials) to enumerate everything
• Found 11 addon domains originally — user removed 9 manually, leaving 2 active
• Confirmed all sites on this account use 23.229.192.3 (GoDaddy hosting IP)

Cleanup Executed

• Zipped full public_html backup (503 MB) via cron job
• Deleted all legacy content via cron: find public_html -maxdepth 1 -mindepth 1 ! -name "EverydayPotential" ! -name "SweetCakesandRoses" -exec rm -rf {} +
• Found and deleted malware artifacts:
• EverydayPotential: bobbye-commend.php, okwftgbr.php, xskadffp.php (all 0 bytes, Sept 2024)
• SweetCakesandRoses: mptnhqhi.php (5.45 KB webshell, 2021), phishing_exabyte.php (0 bytes)
• Root public_html: 17 random PHP files (Sept 2024, malware remnants from prior hack)
• Cleared all error logs and access logs

cPanel API Notes (GoDaddy Restrictions)

GoDaddy shared hosting has severely restricted the UAPI. What works: - Fileman/list_files ✅ - Fileman/save_file_content ✅ - Fileman/get_file_content ✅ - DomainInfo/list_domains ✅ - Mysql/list_databases ✅ - Email/list_pops ✅ - Cron/add_line + Cron/remove_line ✅ — This is the workaround for file ops

What's blocked (all file manipulation endpoints): - Fileman/delete_files ❌ - Fileman/compress ❌ - Fileman/move_file ❌ - All API2 Fileman destructive functions ❌

Workaround: Use cron jobs to run shell commands (zip, rm, mysqldump). Works reliably.

Email

All three domains (imagemadedesign.com, everydaypotential.com, sweetcakesandroses.com) already point to Microsoft 365 via MX records. Nothing to migrate.

Domain Inventory

See Google Sheet for full interactive inventory: https://docs.google.com/spreadsheets/d/1SJV6By9wUdFnqC_DLoRE302A7trBt8cb5fkNx4NQEJ8

Quick Summary by Category

GoDaddy Hosting (1 domain remaining): - everydaypotential.com — WordPress 3.1.2, awaiting client decision

Migrated off GoDaddy hosting this session: - imagemadedesign.com — now on Cloudflare (NS propagating), email routing configured - sweetcakesandroses.com — now on GitHub Pages, live at sweetcakesandroses.com

Parked at GoDaddy (domain-only, no hosting, 23 domains): All pointing to GoDaddy's AWS parking infrastructure. No action needed until decisions made.

Off GoDaddy entirely (registered here, hosted elsewhere): - grainandmortar.com → Cloudflare/Flywheel (G&M primary) - arborhallomaha.com → Wix - gandm.co → DigitalOcean - gatecityguide.com → Linode - happyomaha.com, territorygroup.co → Fastly - acmeautoservice.com → Afternic (listed for sale)

API Capabilities

GoDaddy Domains API

Key in 1Password: "GoDaddy API — G&M" (G&M vault)

Cannot do: cancel/delete registration, transfer out, anything hosting-related.

cPanel Access

• No working SSH (password wrong, key auth broken on this plan)
• All file operations done via cron job workaround
• Browser session required for cPanel API calls (Chrome MCP)

Research Notes

GoDaddy API Auth

• API Key: in 1Password "GoDaddy API — G&M"
• Header format: Authorization: sso-key KEY:SECRET
• Base URL: https://api.godaddy.com/v1/

cPanel API Access Pattern

// From browser tab already logged into cPanel:
fetch('/cpsess[SESSION]/execute/[Module]/[Function]', { credentials: 'include' })

// For write ops (cron, SSH keys):
fetch('/cpsess[SESSION]/json-api/cpanel', {
  method: 'POST',
  body: new URLSearchParams({ cpanel_jsonapi_module: '...', cpanel_jsonapi_func: '...', cpanel_jsonapi_apiversion: '2', ...params })
})

Cron Workaround Pattern

// Add cron (runs every minute)
// Capture linekey from response
// Wait 75-90 seconds
// Remove cron using linekey
// Check results

Decisions Log