One thing that doesn’t get mentioned a lot in the world of SEO–except for the sake of mention–is website/blog security. The topic isn’t one of choice among most SEO providers because it is routine in nature. Put another way, it’s something that is done along the way as a matter of standard practice or habit.
With all the products on the market protecting Internet users from becoming victims of phishing, spam and general scamming, it doesn’t seem to be necessary. But nothing could be further from the truth.
Why Site-Wide Security is Important
Just like the physical world around us, the Internet is becoming a smaller place. Okay, so that isn’t a perfect analogy, but it’s sufficient. Social networks are connecting more and more people. Open source sites/coding are doing the same. What’s that mean? It means just like the world is becoming more intricately involved like one nation’s economy affecting others, so too is the “open” Internet.
You might have heard the term or this is your first time reading it. Open source means exactly that: it’s open for anyone and everyone to see. For instance WordPress is an open source blogging platform. Anyone that has the ability to develop a component to improve WP can do so. But that means it is open to attack as well.
When WordPress sends out an update, it always includes a little disclaimer which states that updates help to protect users (and their readers) from hacker attacks. Though it mean appear to be a legality issue, it is a stern warning. Without the latest update, there are ways unscrupulous individuals can get in and wreak havoc.
What Vulnerability Means
Not protecting your site/blog is an open invitation to trouble. The consequences can be benign or as damaging as getting your site banned from Google. It can include stealing your information as well as hijacking your site for even more nefarious purposes. This can include capturing customer information as it comes in through forms or redirecting customers away from your site.
How to Prevent Attacks
The most obvious thing in prevention measures is to never share your usernames and passwords. In conjunction, if you have multiple sites or a site with a blog, use different passwords and usernames for each. While it’s convenient for you to have just one set, it’s just as convenient for hackers.
- Always keep your site and/or blog platform up-to-date
- Keep your plugins up-to-date
- Hide your plugin directory
- Address any PHP errors
- Routinely run site-wide security scans
- Ensure all FTP and other server usernames and passwords contain one upper-case letter, a couple of numbers and at least one special character
- Rename all database tables from their generic descriptions/names
- Keep LAN access to a minimum among users
- Set-up and maintain a firewall
- Use on-site serves as much as possible
- Include robots.txt with the proper protocols
- Check your upload file permissions
- Inspect your SQL data periodically
Observing these protocols won’t guarantee your site/blog will never be hacked but it greatly reduces the likelihood of it being compromised. Determined hackers can overcome nearly any security but owners that take proactive steps will be seen as too much to bother with and will be passed-up for easier targets.
If you believe your site/blog has been hacked or is vulnerable, then contact a web security specialist for a free security check. We’ll be happy to assist you with your site’s security features and keep your business or e-commerce site safe.