April 28, 2017
A couple of weeks ago, Google released a year in review regarding the State of Website Security in 2016. The report opened with the following announcement from Google:
“First off, some unfortunate news. We’ve seen an increase in the number of hacked sites by approximately 32% in 2016 compared to 2015. We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalize by infecting more sites.”
As you can probably tell from the statement, this news is unsurprising. With millions of websites already in existence and new ones popping up every day, the internet is an endless feeding ground for hackers. Even as website security continues to advance, malware and hacking strategies also shapeshift and evolve to exploit weak spots.
This presents a number of problems for both users and webmasters. First and foremost, the potential leaking, theft, and abuse of user information puts online consumers at risk. But what’s also concerning, namely for webmasters, is that when website security is compromised it can result in hefty penalties, which can significantly set back search engine rankings. In response to this problem, this is what Google wants you to know.
Top Ways Websites Get Hacked by Spammers
While specific malware and hacking spam varies, there is some consistency in how websites are typically hacked. They are:
Clean Up Guides
A lot of websites share similar issues when affected by known hacks. To help fix the problem, Google created clean up guides for sites affected by those known hacks. The hacks are:
Despite the damaging effects that hacking can have on a website, webmasters do have an avenue for recovery. If a website has been penalized for problems resulting from hacking, webmasters can apply for reconsideration and potentially remedy the consequences. According to Google, 84% of webmasters who apply are successful in cleaning up their sites, so there’s no reason a hacking incident has to tank your site forever.
What’s important to remember is that prevention is easier than correction. Taking the extra steps necessary to protect your website can and will ultimately save you the hassle and the headache of having to deal with a breach in security later and dip in rankings later on.
To practice adequate prevention methods, all webmasters should be registered for Google Search Console. Google found that 61% of webmasters who were hacked never received a notification from Google that their site was infected because their sites weren’t verified in Search Console. If your website is being attacked or experiencing issues from hacking and/or spamming, Search Console is the first place you’ll be notified about it. If your website isn’t registered and verified in Search Console not only will you not receive that notification, but your website will continue to suffer and be penalized.
In addition to Google Search Console, there are steps you can take to secure your content management system. The majority of websites are powered by WordPress, Joomla, Magento, or Drupal, all of which have their own security recommendations and resources specific to their system. If your website is powered by one of these, you can learn more about the best practices for securing your CMS and keep your site protected from hackers.
Is your traffic declining? Are you not generating enough leads or sales? We’ve been growing businesses since 2009, let us do it for you!Schedule a Consultation
We’ve been growing businesses since 2009, let us do it for you!