So Google started a #NoHacked ‘thing’ a while ago asking people to submit your best ideas to prevent or better keep away from being hacked. I’ve got 3 steps you can take right now to be safe down the road. Ready?
I submitted one of my favorites, one that I unfortunately learned from direct experience. A few years ago, my site was the victim of a SQL injection hack. In simple english, there was a bit of code that was secretly creating pages on my website. The URL of those pages looked something like AreWeConnected.com/viagra.php I could not see those pages in my dashboard, no new users, no notifications, and they didn’t show up to anyone other than the search engines. There wasn’t just one or two, there were THOUSANDS created and I had no idea.
UNTIL I GOT BLACKLISTED BY GOOGLE
When you are blacklisted, the first thing you notice is a lack of traffic. More like NO traffic at all. Zero Zip Nada. You simply no longer show up in search results. The Google Bot doesn’t come visit you anymore. And it’s not like Google even bothered to notify me either. There might be a small notification in Webmaster tools if you happen to see it. I guess if Google could talk, it would have simply said “You’re dead to me“. And I was.
It was a long struggle back. I’m not sure what happened, when, or why. I lost everything. I had to start with a brand new WordPress install and start writing from post #1. (For the record this is post #445).
Today I have an automatic backup that happens and I am always watching my site for certain keywords.
How do I do that? That was my tip for #NoHacked.
That’s right, I’m making Google ‘alert’ me to pages I may not have created! Simply head over to Google Alerts and setup searches for your website and add a modifier for hacked words. I have Alerts for all sorts of words like Viagra, Cialis, and many others. Don’t forget to intentionally misspell words too. The hackers do that and so should you!
The really cool thing is that Google used my tip as their #3
A good way to look out for these unexpected queries is to set up Google Alerts. For example, if you set up an alert for “site:example.com(viagra|cialis|casino|loans)”, we’ll notify you when these keywords appear on your site.
This doesn’t stop me from being hacked in the first place.
Their #4 Tip would stop 99% of everyone from being hacked.
Updating outdated software to the latest version is an easy way to prevent your site from getting hacked. This includes software for your web hosting, web server and content management system.
A good way of doing this regularly is to set up a recurring calendar reminder. Every few months, remind yourself to update software, and also to review security settings, backup files, and sign up to receive new security announcements. Be proactive in keeping your site safe and secure.
REMEMBER: Nothing is ever 100% secure. I build sites in WordPress because it is secure, and it’s also easy for the owner to click a button and update most everything (WordPress Core, Themes, and Plugins). Other platforms don’t have this option. WordPress Rocks!
ACTION PLAN:
- Check to see if you are on a Blacklist.
- Setup an automatic Google Alert(s) for your site and hacked keywords.
- Setup an automatic full backup system.
Wondering if your site has been Blacklisted? Send me an email and I’ll be happy to check it for you. I’ll also check and see if everything else is properly working. Don’t be hacked. Speaking from experience, it’s just not fun. #NoHacked
- The Ultimate Guide to Writing the Perfect Blog Post - March 14, 2023
- 8 Questions Your Web Developer Should Have Asked - April 27, 2021
- Slack, Chat or Discord? - April 6, 2021