Google and other search engines have stepped up aggressively in identifying sites containing malware, link farms, and other content designed to either spread spam, spy on users or cause damage to a visitor's computer.
Given the significant rise in the number of bots and viruses that infect PCs coming from legitimate websites, if your website falls prey to one of these attacks, it can cause you to be removed from search engine results for a very long time. This is in addition to the reputational risk of having your site become a victim of malware - which is especially painful if you manage credit card or ecommerce transactions, and are expected by users to be completely secure.
Unfortunately, securing a website isn't easy since a site is online constantly and there are some?truly inventive ways?to hack into it. Since there are a wide variety of web platforms out there, it's hard to provide specifics that apply to everyone, but here are some ways to improve your odds of beating the hackers:
Use secure passwords: most security starts with a strong password. A strong password buys you time against brute force attacks (for example, it takes under 2 seconds to brute force the password "giants" but over 200 years for "RanK$nG#On3!-2010"). If your site has other administrative users, enforce minimum password requirements to ensure there are no weak links. Don't write passwords down, don't share them, and change them frequently.
Don't use obvious usernames: "admin" and "root" are the most common administrative users - choosing a different name makes it harder to identify an admin account.
Keep your CMS up to date: if you use WordPress, Drupal or Joomla! - or any other content management system - keep abreast of the latest security patches and apply them quickly.
Use security plug-ins: again, for CMS users, there are some truly excellent plug-ins that can make your platform much more secure. Check what's available for your software and install recommended plug-ins.
Back up your site regularly: it's remarkable how many web sites have no back up whatsoever, even ones with significant investment. Ultimately, if your site is compromised, your back up will be the first thing you need to restore your data.
If you have any form of user-generated content on your site - such as blog comments, forums or user reviews - it's important to monitor activity to protect against comment spam, malicious links and anything else intended to lead the visitor from a legitimate page to somewhere questionable.
Be vigilant in deleting this content, and use technology such as Akismet or? reCAPTCHA ?to deter bots and spammers. Some sites also restrict IP addresses by country, since certain destinations are notorious for stealing site content and causing other issues. If your company has no business opportunities in a particular country, it may help to block requests from IP addresses originating from there. Additionally, adding your site to? Google Webmaster Tools?only takes moments to set up but Google will then routinely monitor your site for evidence of malware.
Hacked sites are becoming a major problem, and can derail your progress in developing your online presence and search engine optimization. There are many technical elements to managing a website but even taking these basic precautions gives you a significantly better chance of avoiding becoming a target.
0 comments:
Post a Comment
Click to see the code!
To insert emoticon you must added at least one space before the code.