This time, i think the godaddy setup has certain vulnerabilities, But in all fairness, godaddy is much more of a target than anyone else because they host so many wordpress blogs
In any case, being hacked again, i did the following, and up to now, it seems all the blogs that share this setup (With my custom made multi site wp-config.php file) seem to be working just fine
1- Deleted all the wordpress files excluding the uploads directory.
2- chmoded the upload directory and all it’s sub files to no writing mode (Yes, i can no longer upload until i find out what the root cause is)
3- uploaded new wordpress files and chmoded them to no write for everyone (Yes, when i need to update i will need to swicth, replace the files, and switch back again)
4- Created a script that deletes all the pending comments and run it every now and then
the reason behind the last has to do with the way wordpress decides to put comments on pending or publish instantly, maybe with some javascript to decode, a user can sneak in links within javascript that wordpress can not detect because they are not in link forms, in any case, i don’t know how the hacking is executed, all i know is that this way works up to now. and probably step 4 is irrelevant for the time being.