According to programmer Igor Kromin, issues with his own website's admin interface, hosted by the popular web hosting service, prompted him to examine the code to detect any problems.
See also: NASA internal app leaked employee emails, project names
Customers in the United States and those using cPanel Shared Hosting or cPanel Business were automatically opted-in to the service.
The collection of metrics and performance data is a common practice for many, and some webmasters will bolt-on their own collection systems in backend systems for increased visibility into how their website is performing.
CNET: Huawei sacks employee arrested for allegedly spying for China
The system at hand is based on W3C Navigation Timing and while not a security issue, if website breakage is a possibility, a default opt-in was not necessarily fair or reasonable.
Most customers are not expected to be impacted by RUM, but websites involved in Google's AMP (Accelerated Mobile Pages Project) or with pages ending with multiple ending tags might be more susceptible to breaks or slow performance issues.
TechRepublic: WordPress users beware: These 10 plugins are most vulnerable to attacks
As noted by sister site TechRepublic, customers of GoDaddy were able to choose to opt-out of the tracking system. In order to do so, they needed to go to myh.godaddy.com, click the "..." button, "Help Us," and "Opt Out."
Once this has been achieved, the script is automatically removed from the webmaster's domain. However, this is no longer a requirement for customers.
We only collect performance data, nothing more. We don't collect personal information. The data we collect is used to monitor our internal systems, optimize DNS resolution, improve network routing and server configurations, and help us improve the performance of our customers' websites.
These are the worst hacks, cyberattacks, and data breaches of 2018
Previous and related coverage