Best Website Security Service
-
Having been hacked twice and, it seems, still suffering from problems as a result (file changes and alterations, etc) I'm wondering if there is a good paid service that provides security for websites?
I'm an online travel agent so our websites "up-time" and search engine position is vital but I'm spending more time trying sort out our websites' security than selling travel.
It would be sensible to pay for a service that would ensure, as much as possible, that our site is secure and any optimisation we do is not cancelled out by hacking and security problems.
If anyone could recommend a good company I would be very grateful.
Colin
-
Thanks very much Matt.
-
No problem - an SSL isn't going to prevent the problem you have, but that is why I mentioned going down the route of an SSL with extras such as daily malware scanning and weekly vulnerability assessment.
Verisign would have most likely alerted you to the potential issue before hand so you could have fixed the vulnerability. Also if your site is compromised with malware it will alert you, so you can take immediate action.
As far as SSL goes; now your site has been compromised and you are acting as a travel agent you want to make sure your pages are as secure as possible and a Verisign logo will help customers trust in entering data into your site.
You will still need to make sure that you employ the help of someone who is knowledgeable on the CMS that you are using to make sure it is setup to the optimum not leaving easily exploited windows open, so to speak.
-
Most compromises of that type I've seen have been down to a flaw in either the CMS or the way it was set up (usually permissions). This type of breech is far more common that cracked passwords, servers being compromised etc. They can be annoying to track down, but are usually more easily fixed.
-
Thanks Matt. I take your point.
We've added a number of security measures to the CMS but it looks like we havent' successfully added enough.
Your suggestion to search the platform specific communities is really useful.
Cheers.
-
Just adding an SSL isn't going to help if you are having the sort of problems that you mention.
Your core issue is most likely to be with your CMS. If that is the case then you are probably best finding someone who specialises in that CMS (or generally in coldfusion) who can find the source of the problem and lock it down.
If you are using an off the shelf CMS make sure that it is up to date and fully patched. Check the platform specific communities for people having similar issues and see whether they have successfully prevented the problem recurring.
Good luck. You might just find that there is an insecure upload script or something and once you find that the problems will just end.
-
Hi Matt, thanks for replying.
I have looked at Verisign but wonder if it's comprehensive enough. (If there is such a service).
I wonder if Verisign's service would flag up or better still prevent something like my robot.txt file being altered by a malicious script?
Or whether the malicious script would not have been able to access my site if I was with Verisign?
Colin
-
Have you considered verisign - http://www.verisign.com/ and one of their SSL solutions, with extras such as
http://www.symantec.com/verisign/ssl-certificates/secure-site-pro-ev?inid=vrsn_symc_ssl_SSPEV
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Help finding website content scraping
Hi, I need a tool to help me review sites that are plagiarising / directly copying content from my site. But tools that I'm aware, such as Copyscape, appear to work with individual URLs and not a root domain. That's great if you have a particular post or page you want to check. But in this case, some sites are scraping 1000s of product pages. So I need to submit the root domain rather than an individual URL. In some cases, other sites are being listed in SERPs above or even instead of our site for product search terms. But so far I have stumbled across this, rather than proactively researched offending sites. So I want to insert my root domain & then for the tool to review all my internal site pages before providing information on other domains where an individual page has a certain amount of duplicated copy. Working in the same way as Moz crawls the site for internal duplicate pages - I need a list of duplicate content by domain & URL, externally that I can then contact the offending sites to request they remove the content and send to Google as evidence, if they don't. Any help would be gratefully appreciated. Terry
White Hat / Black Hat SEO | | MFCommunications0 -
Multiple Websites Under Single Brand
My company has many websites having similar content . They are into the retail business and sell manufactured homes. Since they sell different manufacturer homes products having different specification in different states that's why they have created many websites. Will duplicate design and similar content on some of the pages across multiple website will cause issues in Google ranking.
White Hat / Black Hat SEO | | christmaslaserlights0 -
I redesigned a clients website and there is a pretty massive drop in traffic - despite my efforts to significantly improve SEO.
Hi there, I redesigned a clients website that was very old fashioned and was not responsive. I implemented 301 redirects, kept the content pretty similar, website linking structure very similar - the only things i changed was making the website responsive, improved title tags, added a bit more information, improved the footer and h1 tags etc.. however although clicks are fairly similar search impressions have dropped about 60% on average over the past week. The old site had some keywords linking to pages with no new content so i removed those as seemed like black hat seo tricks and also there was a huge list of "locations we deliver to" on the homepage followed by around 500 citys/towns I removed this. Could this be the cause for the drop? as i assumed those would do more harm than good? Fairly new with SEO as you can probably tell. Looking for advice on what may be the cause and what steps I should take now. Thanks for reading! duGeW
White Hat / Black Hat SEO | | binkez321 -
Moving website and domain name without 301 Redirect or rel=canonical
I do not wish to draw attention to my company, so I am using code names. For the sake of this discussion, we are a new car dealership representing Brand X Cars. The manufacturer of Brand X Cars pushes its dealers toward a website hosting company called CarWebsites in order to maintain a level of quality and control with each dealer. However, we have found the platform to be too restricting, and are switching to our own WordPress site. Unfortunately Brand X is claiming ownership of our original domain, BrandXCarDealer.net, so we have switched to BrandXCarDealer.com (which we prefer anyways). Now both websites are running, and there is duplicate content of everything. Brand X is not cooperative and will not 301 redirect to the new site, and we do not have access to the of the website for a rel=canonical. Brand X is also dragging its feet on shutting down BrandXCarDealer.net. We do still have access to change the content of the pages on the BrandXCarDealer.net site, but that is pretty much as far as our control goes. So my question is, is there anything we can do, without using a 301 redirect or rel=canonical, to tell Google to pay attention to the new BrandXCarDealer.com rather than the old BrandXCarDealer.net? Any suggestions are appreciated. Thanks!
White Hat / Black Hat SEO | | VanMaster0 -
Redirecting from https to http - will pass whole link juice to new http website pages?
Hi making permanent 301 redirection from https to http - will pass whole link juice to new http website pages?
White Hat / Black Hat SEO | | Aman_1230 -
One of my outbound links website go hit by panda!
Hi mozzers, today I received a message from one of my blogger partners announcing me that he got hit by panda. 2 weeks ago I had him placing 2 anchors one in our main domain and a second one on our subdomain. I know panda focuses essentially on dups and I have paid attention to our webmaster tools to make sure we haven t got any messages Which we re good with. What do you guys suggest, will this affect us at some point or we re good? also in case that we re good will panda affect the blogger's authority therefore ours? if yes I should probably remove them, right? Thanks
White Hat / Black Hat SEO | | Ideas-Money-Art0 -
What are the best methods of White Hat SEO?
What are the best methods of White Hat SEO? How can you create good quality White Hat links? For example, how do you convince someone to link to your site?
White Hat / Black Hat SEO | | harrygardiner0 -
Does your website get downgraded if you link to a lower quality site?
My site has a pr of 4. My friends site has a pr of 2 but I think that he is doing some black hat seo techniques. I wanted to know whether the search engines would ding me for linking to (i.e., validating) a lower quality site.
White Hat / Black Hat SEO | | jamesjd70