Best Website Security Service
-
Having been hacked twice and, it seems, still suffering from problems as a result (file changes and alterations, etc) I'm wondering if there is a good paid service that provides security for websites?
I'm an online travel agent so our websites "up-time" and search engine position is vital but I'm spending more time trying sort out our websites' security than selling travel.
It would be sensible to pay for a service that would ensure, as much as possible, that our site is secure and any optimisation we do is not cancelled out by hacking and security problems.
If anyone could recommend a good company I would be very grateful.
Colin
-
Thanks very much Matt.
-
No problem - an SSL isn't going to prevent the problem you have, but that is why I mentioned going down the route of an SSL with extras such as daily malware scanning and weekly vulnerability assessment.
Verisign would have most likely alerted you to the potential issue before hand so you could have fixed the vulnerability. Also if your site is compromised with malware it will alert you, so you can take immediate action.
As far as SSL goes; now your site has been compromised and you are acting as a travel agent you want to make sure your pages are as secure as possible and a Verisign logo will help customers trust in entering data into your site.
You will still need to make sure that you employ the help of someone who is knowledgeable on the CMS that you are using to make sure it is setup to the optimum not leaving easily exploited windows open, so to speak.
-
Most compromises of that type I've seen have been down to a flaw in either the CMS or the way it was set up (usually permissions). This type of breech is far more common that cracked passwords, servers being compromised etc. They can be annoying to track down, but are usually more easily fixed.
-
Thanks Matt. I take your point.
We've added a number of security measures to the CMS but it looks like we havent' successfully added enough.
Your suggestion to search the platform specific communities is really useful.
Cheers.
-
Just adding an SSL isn't going to help if you are having the sort of problems that you mention.
Your core issue is most likely to be with your CMS. If that is the case then you are probably best finding someone who specialises in that CMS (or generally in coldfusion) who can find the source of the problem and lock it down.
If you are using an off the shelf CMS make sure that it is up to date and fully patched. Check the platform specific communities for people having similar issues and see whether they have successfully prevented the problem recurring.
Good luck. You might just find that there is an insecure upload script or something and once you find that the problems will just end.
-
Hi Matt, thanks for replying.
I have looked at Verisign but wonder if it's comprehensive enough. (If there is such a service).
I wonder if Verisign's service would flag up or better still prevent something like my robot.txt file being altered by a malicious script?
Or whether the malicious script would not have been able to access my site if I was with Verisign?
Colin
-
Have you considered verisign - http://www.verisign.com/ and one of their SSL solutions, with extras such as
http://www.symantec.com/verisign/ssl-certificates/secure-site-pro-ev?inid=vrsn_symc_ssl_SSPEV
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
How can I stop serious traffic lost on my website
I need help resolving technical SEO issues on my website CamRojud. I have tried allSEO tactics but no improvement yet. Can someone in the forum guide me through please.
White Hat / Black Hat SEO | | Dawodus0 -
A website with some guidelines points similar - is this creates an issue?
Hey Guys, Please clarify my doubt at the earliest. We just revamped the website with new content and hired a content writer for our services page to make it done. I just came across with 2 pages with similar guidelines over the content. These are the pages showing some similarity of bulletins. Please take a look on it and give the reply, it creates any ranking issues or not. Page-1: https://www.socprollect-mea.com/business-setup-in-ajman/ Page-2: https://www.socprollect-mea.com/business-registration-in-ajman-free-zones/ Reply ASAP
White Hat / Black Hat SEO | | nazfazy0 -
Duplicate product content - from a manufacturer website, to retailers
Hi Mozzers, We're working on a website for a manufacturer who allows retailers to reuse their product information. Now, this of course raises the issue of duplicate content. The manufacturer is the content owner and originator, but retailers will copy the information for their own site and not link back (permitted by the manufacturer) - the only reference to the manufacturer will be the brand name citation on the retailer website. How would you deal with the duplicate content issues that this may cause. Especially considering the domain authority for a lot of the retailer websites is better than the manufacturer site? Thanks!!
White Hat / Black Hat SEO | | A_Q0 -
Secondary Domain Outranking Master Website
IEEE is a large professional association dedicated to serving engineers. The IEEE Web Presence is made up of flagship sites like IEEE.org, IEEEXplore, and IEEE Spectrum, mid-tier sites like Computer.org, and smaller sites like those dedicated to specific conferences. It is unclear exactly when this started - but searches in Google for [ieee] currently return ieeeusa.org before ieee.org. This is troublesome, as users are typically looking for IEEE.org with such a general query. ieeeusa.org is a site that has a much narrower focus - it is dedicated to public policy. IEEE.org is one of the strongest domains - I am thinking that this is a glitch of some sort. I am removing a stale sitemap that is referenced in robots.txt (though again, I'm not seeing any issues with other pages - its just two queries that are trouble: [ieee] and [about ieee]. And its noticeable in analytics 🙂 http://ieee.d.pr/hMg0/YhklCw7Z What do you think? 🙂
White Hat / Black Hat SEO | | thegrif3290 -
Using a geolocation service to serve different banners in homepage. Dangers? Best Practices?
Hello, our website is used by customer in more than 100 countries. Becasuse the countries we serve are so many, we are using one single domain and homepage, without country specific content. Now, we are considering to use an geolocation service to identify the customer location and then to change the contents of one banner in the home page accordingly. Might this be dangerous from a SEO perspective? If yes, any suggesiton on how can we implement this to avoid troubles and penalties form the Search Engines? Thanks in advance for any help,Dario
White Hat / Black Hat SEO | | Darioz0 -
Website not listing in google - screaming frog shows 500 error? What could the issue be?
Hey, http://www.interconnect.org.uk/ - the site seems to load fine, but for some reason the site is not getting indexed. I tried running the site on screaming frog, and it gives a 500 error code, which suggests it can't access the site? I'm guessing this is the same problem google is having, do you have any ideas as to why this may be and how I can rectify this? Thanks, Andrew
White Hat / Black Hat SEO | | Heehaw0 -
Need advice on best strategy for removing these bad links.
Heres the scenario... We recently took on a new client who's previous seo company had partaken in some dodgy link building tactics. They appear to have done some blog comment spam, very poorly. The situation we are now in is this: We have a site with an internal page deemed more important than the homepage (the homepage has 60 linking root domains and the internal page 879). It looks as though the previous seo company submitted a disavow request, theres a message in webmaster tools from a few weeks back saying it had been received, but no further correspondence. I have doubts as to whether this disavow request was done correctly... Plus im not sure that Google has issued the site a warning yet as they are ranking position one for the keyword on the internal page. Our clients want us to handle this in the correct manner, whether it be to simply ignore it and wait for Google to send a warning about the links, remove the offending internal page and leave a 404, or try to disavow the links that google doesnt know about yet from 800+ websites. Suggestions for the best practice for dealing with this situation? Any advice is much appreciated, Thanks, Hayley.
White Hat / Black Hat SEO | | Silkstream0 -
Website Vulnerability Leading to Doorway Page Spam. Need Help.
Keywords he is ranking for , houston dwi lawyer, houston dwi attorney and etc.. Client was acquired in June and since then we have done nothing but build high quality links to the website. None of our clients were dropped/dinged or impacted by the panda/penguin updates in 2012 or updates previously published via Google. Which proves we do quality SEO work. We went ahead and started duplicating links which worked for other legal clients and 5 months later this client is either dropping or staying in local maps results and we are performing very badly in organic results. Some more history..... When he first engaged our company we switched his website from a CMS called plone to word press. During our move I ran some searches to figure out which pages we needed to 301 and we came across many profile pages or member pages created on the clients CMS (PLONE). These pages were very spammy and linked to other plone sites using car model,make,year type keywords (ex:jeep cherokee dealerships). I went through these sites to see if they were linking back and could not find any back links to my clients website. Obviously nobody authorized these pages, they all looked very hackish and it seemed as though there was a vulnerability on his plone CMS installation which nobody caught. Fast forward 5 months and the newest OSE update is showing me a good 50+ back links with unrelated anchor text back links. These anchor text links are the same color as the background and can only be found if you hover your mouse over certain areas of the site. All of these sites are built on Plone and allot of them are linked to other businesses or community websites. These websites obviously have no clue they have been hacked or are being used for black hat purposes. There are dozens of unrelated anchor text links being used on external websites which are pointing back to our clients website. Examples: <a class="clickable title link-pivot" title="See top linking pages that use this anchor text">autex Isuzu, </a><a class="clickable title link-pivot" title="See top linking pages that use this anchor text">Toyota service department ratings, </a><a class="clickable title link-pivot" style="color: #5e5e5e; font-family: Helvetica, Arial, sans-serif; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;" title="See top linking pages that use this anchor text">die cast BMW and etc..</a> Obviously the first step is to use the disavow link tool, which will be completed this week. The second step is to take some feedback from the SEO community. It seems like these pages are automatically created using some type of bot. It will be very tedious if we have to continually remove these links. I hope there is a way to notify Google that these websites are all plone and have a vulnerability, which black hats are using to harm the innocent... If i cannot get Google to handle this, then the only other option is to start fresh with a new domain name. What would you do in this situation. Your help is greatly appreciated. Thank you
White Hat / Black Hat SEO | | waqid0