Posted by: on May 25, 2012

Hacking: the Second Highest Cause of Spam

It’s not just email anymore…

We’re all well aware that webspam can come in the form of email, including phishing messages that aim to acquire sensitive user information or messages that just HAVE to let you know about the latest and greatest penis enlargement supplement.

However, beyond the average email spam lives a much darker version of spam, one that comes into play after a hacker has compromised the security of a website. According to Matt Cutts, the head of Google’s official [anti]Webspam Team, hacked websites are “the second-biggest category of spam that Google deals with.” And if Google is concerned about it, there’s a good chance everyone else on the web should be too.

This form of spam involves a hacker cracking a website’s security and redirecting all of its traffic to a webspam URL of their choosing. This kind of spam is one of the most malicious, and can be absolutely detrimental to a website, or the business behind it.

Protecting Your Site From Hackers

Hacking is a legitimate concern for webmasters and business owners. Sadly, much like the physical world, there are an abundance of shady people who haven’t a single qualm about taking your property and using it for their own dirty deeds.

And once your site is hacked, it’s not always simple to get it back – especially if damage to your brand or your site has already been done. In most cases, not even Google can help you repair the damage done to your SEO, rankings and even your reputation.

A Letter From Google

Via Matt Cutts’ blog, this is a letter he normally sends to webmasters looking for aid from Google:

We also provide additional assistance for hacked sites in our webmaster support forum. I hope that helps.

Matt Cutts

 

Proactively Protect Your Website

There are other preventative measures a webmaster can take in order to prevent a hacking. While these won’t stop the most stalwart of hackers, the extra barriers you put in place might be enough to dissuade them from trying.

1. Turn off your Server Signature.
A server signature can potentially give away where your server is located on the Internet. So, big deal right? Wrong. A hacker with this bit of information can use it to gain access to the server that your website is on and change things like where the domain goes to, site content, or even get it blacklisted.

While the server signature is almost always on by default (it usually serves as an advertising tool for the host), turning it off can add a bit more protection to your site.

2. Disable your Directory Browsing
Directory browsing allows outside users to see the root architecture of a website, giving them a clear view of every page on your site. It also effectively bypasses any security protocols that you already have in place. This is like having a giant steel vault door in front of your valuables, but not having any walls to support that door… hackers can just walk around it.

3. Back up your website
Always backup your website! While it serves as a preventative measure against hackers, it’s also an extremely important tool for anyone trying new plugins, code or changing things on their site.

Should something go wrong or stop working, a viable backup is often the first step in restoring your site. A simple Google search will net you all kinds of tools to help if you don’t know how to do it, and this step alone will save you loads of time and headaches in the future.

Do you have any other great tips for keeping a website secure? Share your opinions in the comments below.

LGD Communications