I discovered several sites again today which I will not mention on this post that is infected by the same virus that infected it last year but with slight modification on the malicious code. Some websites I know were also hacked and defaced. The problem is that sometimes, you can’t discover it until you find it out that Google already tagging/marking your site with a disturbing message “This site may harm your computer.” Which will immediately cause a drop on your traffic. The pain is it will take sometime before the “said mark” before Google lifts it.
This infection will really hurt your site in terms of traffic and sales lost which makes your SEO effort become useless. It is because, browsers today like Chrome and Firefox block sites with the said mark preventing users to open it even after you clean it.
This is the reason why you should avoid the infection to happen. It is as always I said, “prevention is always better than cure.” Here’s some of the things that you should consider to avoid this kind of situation (based on the suggestion of StopBadWare.org and my previous tips):
Protect your site
- Ensure that any software you use (e.g., blogging software like WordPress, third party scripts, etc.) is kept up to date with the latest security fixes, either by you (if you installed the software) or by your hosting provider.
- Remove any scripts, services, or other software that you are no longer using.
- Change any default passwords that come with the software you are using.
- Use appropriate file permissions on your web server.
- Limit the access to the site. Remove old users that is not part of the team that should access the site.
Protect your password
- Use a strong password and change it occasionally, especially if you have reason to think it has been compromised. A minimum of 12 character passwords composed of at least 2 symbols, 2 number and 2 upper case letters can create a hard to crack password.
Protect your computer
- Use appropriate firewall, anti-virus, anti-malware or anti-badware. Usually infection starts on your PC. Even if you follow the previous preventive measures but you neglect your own PC, still your website can be infected.
- Read StopBadWare.org’s tips on preventing badware infections for more information about this.