top-tips-header
Security

Top Tips: Blacklisting - How you can reduce your website's vulnerability and bring it back

09-09-2015-how-to-reduce-your-websites-vulnerability-and-bring-it-backRidley Ruth is COO of Dropmysite, an award-winning cloud-based back-up company with a focus on websites, emails, databases, mobile devices, and more. Ridley has 20 years of industry experience, in sales, marketing, business development and operations. He has specialized in search engine optimization, website marketing, website security as well as hard drive and software computer forensic duplication. Prior to Dropmysite, Ridley was vice president sales of StopTheHacker, a leading website security company which was acquired by CloudFlare, Inc.

Ridley shares his top tips on how to reduce your website’s vulnerability to hackers, and how to come back from blacklisting should the worst happen.

 

Whether you search Google, use a web browser, or manage your own website, you have probably encountered a form of blacklisting. On average, 30,000 new websites per day are hacked and infected with some form of malicious code or malware that can be distributed to site visitors.

Google’s Safe Browsing service, an initiative designed to make the web safer and encourage better security practices, issues tens of millions of warnings each week in Chrome, Safari and Firefox browsers. It also notifies participating webmasters when their sites have been hacked and provides information about recovering from an infection and getting the warnings removed.

Any website is vulnerable, whether it is a blog, online family photo album, information website for a class reunion, or a side business. You may not realize you’ve been blacklisted until those trying to access your site complain that their antivirus programs are blocking the site, or that pages on the site are redirecting them to a porn site. It could be that your web hosting company shut down your site or you've run a search and discovered warning messages on your own.

Webmasters can position themselves to recover quickly and efficiently in the event their site is attacked. The time required to remove malicious software and secure a site can range from hours to days or even weeks. It depends on the severity of the problem, the webmaster’s familiarity with the remediation process, and proactive measures that have been taken in anticipation of possible attacks.

Preparation is key

Transition to secure, automated backup, which ensures your backup is done right every time - Cloud-based backup is recommended over backing up locally, because local servers across your network can also be vulnerable if your website suffers a breach. Quality hosting providers offer customers easy-to-use self-service tools, which make restoring data a simple, one-click proposition when every minute counts.

Register for Google’s Webmaster Tools, which is free - Being registered means you will receive prompt notification of any site compromises. If your site is infected, you will also need to use Webmaster Tools at the end of the remediation process to request a review to have blocking removed.

Once your website has been blacklisted

If you’ve been blacklisted, determine what exactly Google has blacklisted - This information is located at the top of the diagnostic page that says “Diagnostic page for <URL>,”Examples:

  • blog.yourdomain.com/pages/page1.html – only this page
  • blog.yourdomain.com/pages/ - everything below /pages
  • yourdomain.com - the domain and all subdomains

This information can help to pinpoint where the issue may reside within specific sections of the site.  Note that Google’s diagnostic page may not provide details on the suspicious content or the malicious domains that led to the blacklisting. If this data is unavailable, run the domain against a reputable website malware scanner, which is able to detect malware, blacklisting status and other vulnerabilities within the website.

Clean the website and change passwords - Start with securing your PC.  Run reputable antivirus scanners on every administrator-run computer that logs in to your site. Also, check server logs for activity by any administrator who has worked on an infected machine.

Change passwords for all site users and accounts, using a mix of letters, numbers and symbols, and creating a unique password for each account. Change your webhosting account password, all database passwords, and your ftp credentials.

Update, delete, restore and review - Be vigilant about updating for your operating system, CMS, blogging platform, apps, plug-ins, etc.  Delete any files added to the site after the infection first appeared. Restore data from backup files. Google recommends that you use Wget or cURL to view your site’s pages to verify they are clean and free of damage. Finally, request a review from Google before blocking is removed. Removal times can vary widely, but average time required for blocking removal is just under 10 hours and a half hours.

Blacklisting can be devastating for the average small business owner, keeping your website down for an average of 7-10 days before being fully restored to Google. The 5 top tips above will help you to prepare for potential blacklisting, to monitor your website’s vulnerability from Google, to learn why your site was blacklisted, and to bring your site back online without damaging its organic search rankings.

Don’t keep your head in the sand. Website owners, make sure your backup solution is comprehensive and easy to use, and can get you back online quickly. Register with Webmaster Tools and familiarize yourself with the remediation steps. Then relax. You’ve done what you can to prepare for the worst.

PREVIOUS ARTICLE

« BT funds kids' tech schooling, asks big questions

NEXT ARTICLE

What will the internet look like in 2040? »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?