Google’s documents webspam in 2015, revealing the following info:
When your website’s down, it takes your search rankings down too.
The first page of search engine results is prime real estate. And every webmaster is trying to get their website to show up there. Websites ranking dropped like a rock when your site was hacked.
Often, they want to pick your pockets. They’re not just nerdy teenagers looking for an ego trip. No, they’re hacking to get rich quick, using your passwords, your identity, your banking information, your credit card information, and anything else they can get their hands on. That’s why they’re called cyber criminals.
Other times, they want to use your website or computer for their clandestine activities – pirated software, phony prescription drugs, pirated music – and pick other people’s pockets.
These cyber pirates opt to leech your computer juice or good reputation for their questionable activities instead of doing the hard work of building a reputable business themselves.
To do this, they identify a vulnerability in a software, create a software that exploits that vulnerability, then send their program into the web to comb for unsuspecting sites that have the vulnerable software.
If your site is one of them, it gets attacked. Once the hacker has gained access to your site, they will either spam your site or install malware.
We’re all familiar with email spam. Who hasn’t gotten those emails posing as a well-known brand name that wants you to verify your information or claiming that a destitute widow’s son is dying in the hospital?
Well, website spam is text that is riddled with links to the scammer’s website. This kind of spamming can be happening without your knowledge. Many times, the code with spam links is hidden deep in your website and is redirecting your site’s visitors to the scammer’s website.
Malware is malicious software that takes over your website or computer and uses it to spread the infection. Your computer may become part of a botnet, a zombie army of computers that unleash copious amounts of viruses and spam into cyberspace. These botnets then harvest sensitive financial and identity information from a broader range of victims.
It’s not enough to create a great website and leave it set. A healthy website requires ongoing maintenance.
If you’re like many website owners, you’re using WordPress, a free open-source software. But that means that any vulnerability that is found in the WordPress core software, its themes or its plugins is posted publicly. Malicious cyberpunks love to lurk in the dark recesses of outdated WordPress plugins and themes.
If you happen to slack on the mundane task of installing updates, you may become the target of a malicious hacker. Outdated software is the number one reason that websites get hacked.
If Google thinks that your site is infected with malicious software, it will blacklist your site. They call it quarantining, but regardless of the term, your site will be flagged or removed, which means your search rankings will plummet. This happens to around 10,000 websites daily. If your site’s been blacklisted, you can expect to lose about 95% of your traffic.
A new hacking threat has surfaced recently in the form of cloaked PDF pages. Sophos, a software security company, discovered hundreds of thousands of these on search results.
Cloaking is the cloak-and-dagger version of website hacking. Hackers used PDF files, which were possibly more trusted by Google’s algorithms, to embed spammy links that direct hapless visitors to unscrupulous websites.
Google is upping their aggressive war on spam by changing some of their search algorithms and rigorously removing hacked sites.
Fixing a hack can cost thousands of dollars, not to mention lost revenue from customers being afraid – or unable – to step foot on your site. Unraveling the labyrinth of malware code from your website, rescuing or rebuilding your content, and getting de-blacklisted takes times.
Some brave webmasters tackle it themselves, but for most, it’s a task best left to professionals. It depends on your depth of computer savviness. To prevent hacks, keep your site updated. You can dramatically decrease hack attacks if you update.
Backup your site regularly. Your data isn’t safe just because it’s online – it needs to be backed up just as much as your local desktop files.
Invest in some real-time monitoring. Updating and backing up your site won’t automatically insulate your website. A real-time monitoring service watches for malicious activity on your site and fixes and cleans it before you can say “boo”.
MVI always keeps all software up-to-date. We carry out upgrade operation every month to make sure that all software, operating system files, CMS, frameworks has latest version and security patches installed.
MVI restricts access to the server and website very strongly. We do not allow any SSH access from unknown IP addresses. We also allow FTP transection via secured channel.
We use multi-layer web application firewall. Beside of WAF installed in our system, we always use CloudFlare and Sucuri to protect e-commerce and high traffic websites from malware attack, XSS attack, credit card theft and DDoS attack.
File uploads are a major concern. No matter how thoroughly the system checks them out, bugs can still get through and allow a hacker unlimited access to your site’s data. We take every pre-caution necessary to prevent this to happen. We prevent direct access to any uploaded files.
Most of the site hosted in MVI servers are SSL enabled. We always strongly recommend our customers to use SSL certificate for their website. Beside of securing the website, SSL certificate can play major role to increase site’s SEO ranking as Google now emphasizing making the site secured.
We make backups of all website and database regularly. We also have backup archiving system that keeps daily, weekly and monthly archive of the website and databases. We can go back to website and database up to one month old. Beside of onsite backup, we also keep a copy of the backup offsite. So that if anything happens to our data center, our customers data will still be retrievable.
1. Strong spam filter
MVI Usage the strongest available spam filter. Beside of in-house spam filter, we also have third party spam filter that filter our emails before reaching MVI server.
2. Protection with policy
We use specific set of policies that prevents hackers to break into your email box using brute force attack. If someone try to access your mailbox by guessing passwords randomly, our system will block IP address of the attacker automatically after certain try. MVI email system policy also prevents sending out and receiving mass spams.
3. Secure Webmail / POP / IMAP / SMTP access
MVI email system usage SSL to secure all kind of email transections. Whether you access it via webmail or POP/IMAP. MVI provides secured channel between your device/computer and MVI server to protect your email transection.
Take action now to prevent hacks – long before they have the nerve to take up residence and take your website rankings to the black hole of search engine blacklists. As they say, “An ounce of prevention is worth a pound of cure.” A high-caliber security and backup system will keep your website where it should be, on prime search engine real estate.