Best Website Security Service
-
Having been hacked twice and, it seems, still suffering from problems as a result (file changes and alterations, etc) I'm wondering if there is a good paid service that provides security for websites?
I'm an online travel agent so our websites "up-time" and search engine position is vital but I'm spending more time trying sort out our websites' security than selling travel.
It would be sensible to pay for a service that would ensure, as much as possible, that our site is secure and any optimisation we do is not cancelled out by hacking and security problems.
If anyone could recommend a good company I would be very grateful.
Colin
-
Thanks very much Matt.
-
No problem - an SSL isn't going to prevent the problem you have, but that is why I mentioned going down the route of an SSL with extras such as daily malware scanning and weekly vulnerability assessment.
Verisign would have most likely alerted you to the potential issue before hand so you could have fixed the vulnerability. Also if your site is compromised with malware it will alert you, so you can take immediate action.
As far as SSL goes; now your site has been compromised and you are acting as a travel agent you want to make sure your pages are as secure as possible and a Verisign logo will help customers trust in entering data into your site.
You will still need to make sure that you employ the help of someone who is knowledgeable on the CMS that you are using to make sure it is setup to the optimum not leaving easily exploited windows open, so to speak.
-
Most compromises of that type I've seen have been down to a flaw in either the CMS or the way it was set up (usually permissions). This type of breech is far more common that cracked passwords, servers being compromised etc. They can be annoying to track down, but are usually more easily fixed.
-
Thanks Matt. I take your point.
We've added a number of security measures to the CMS but it looks like we havent' successfully added enough.
Your suggestion to search the platform specific communities is really useful.
Cheers.
-
Just adding an SSL isn't going to help if you are having the sort of problems that you mention.
Your core issue is most likely to be with your CMS. If that is the case then you are probably best finding someone who specialises in that CMS (or generally in coldfusion) who can find the source of the problem and lock it down.
If you are using an off the shelf CMS make sure that it is up to date and fully patched. Check the platform specific communities for people having similar issues and see whether they have successfully prevented the problem recurring.
Good luck. You might just find that there is an insecure upload script or something and once you find that the problems will just end.
-
Hi Matt, thanks for replying.
I have looked at Verisign but wonder if it's comprehensive enough. (If there is such a service).
I wonder if Verisign's service would flag up or better still prevent something like my robot.txt file being altered by a malicious script?
Or whether the malicious script would not have been able to access my site if I was with Verisign?
Colin
-
Have you considered verisign - http://www.verisign.com/ and one of their SSL solutions, with extras such as
http://www.symantec.com/verisign/ssl-certificates/secure-site-pro-ev?inid=vrsn_symc_ssl_SSPEV
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
A website with some guidelines points similar - is this creates an issue?
Hey Guys, Please clarify my doubt at the earliest. We just revamped the website with new content and hired a content writer for our services page to make it done. I just came across with 2 pages with similar guidelines over the content. These are the pages showing some similarity of bulletins. Please take a look on it and give the reply, it creates any ranking issues or not. Page-1: https://www.socprollect-mea.com/business-setup-in-ajman/ Page-2: https://www.socprollect-mea.com/business-registration-in-ajman-free-zones/ Reply ASAP
White Hat / Black Hat SEO | | nazfazy0 -
Googlebot crawling AJAX website not always uses _escaped_fragment_
Hi, I started to investigate googlebot crawl log of our website, and it appears that there is no 1:1 correlation between a crawled URL with escaped_fragment and without it.
White Hat / Black Hat SEO | | yohayg
My expectation is that each time that google crawls a URL, a minute or so after, it suppose to crawl the same URL using an escaped_fragment For example:
Googlebot crawl log for https://my_web_site/some_slug Results:
Googlebot crawled this URL 17 times in July: http://i.imgur.com/sA141O0.jpg Googlebot crawled this URL additional 3 crawls using the escaped_fragment: http://i.imgur.com/sOQjyPU.jpg Do you have any idea if this behavior is normal? Thanks, Yohay sOQjyPU.jpg sA141O0.jpg0 -
What is the best way to eliminate ghost traffic from Google Analytics?
Hey Mozzers, I just wanted to see how you all deal with eliminating Google ghost traffic sources from Google. I tried setting up a RegEx 'include' list before, but it seemed as though I was blocking potential traffic sources when I did as much (I'm probably missing something here). Anyway, I'm interested to read how you all have dealt with this issue in the past, thanks for reading!
White Hat / Black Hat SEO | | maxcarnage0 -
Website penalized never again be the same
In February 2015 I received google email that had been penalized Superficial content with little or no added value. I resolved the situation with Google and the site was reconsidered two months later. The problem happens that since I had to drop the site never again be the same, since the site has been penalized never again be the same, now owned only 10% of visits and since then has not shown more growth. I'm deciding to leave the site for no more hopes and all who have had the same problem told me to forget about and working with new. What do you think? Give up the site and get a new one? In addition, during this period I rephrased the entire site, let responsive, mobile and improved as a whole in the general context and migrated to wordpress. www.acervoamador.com.br (Warning: adult content) I thank you for your attention and have a nice day.
White Hat / Black Hat SEO | | stroke0 -
A Sitemap Web page & A Sitemap in htaccess - will a website be penalised for having both?
Hi I have a sitemap url already generated by SEO Yoast in the htaccess file, and I have submitted that to the search engines. I'd already created a sitemap web page on the website, also as a helpful aid for users to see a list of all page urls. Is this a problem and could this scenario create duplicate issues or any problems with search engines? Thanks.
White Hat / Black Hat SEO | | SEOguy10 -
Advice needed! How to clear a website of a Wordpress Spam Link Injection Google penalty?
Hi Guys, I am currently working on website that has been penalised by Google for a spam link injection. The website was hacked and 17,000 hidden links were injected. All the links have been removed and the site has subsequently been redesigned and re-built. That was the easy part 🙂 The problems comes when I look on Webmaster. Google is showing 1000's of internal spam links to the homepage and other pages within the site. These pages do not actually exist as they were cleared along with all the other spam links. I do believe though this is causing problems with the websites rankings. Certain pages are not ranking on Google and the homepage keyword rankings are fluctuating massively. I have reviewed the website's external links and these are all fine. Does anyone have any experience of this and can provide any recommendations / advice for clearing the site from Google penalty? Thanks, Duncan
White Hat / Black Hat SEO | | CayenneRed890 -
Have you heard of a service called "Autocomplete Engagement?"
One of our clients was approached by a company selling a service they're calling "autocomplete engagement," which they're claiming has the ability to manipulate the auto-suggest feature of Google. They are not selling content, or technical SEO, and claim that the average "SEO guy" cannot garner the results they can. My questions are: a) has anyone heard of this tactic, and b) can it really be done? c) if it can be done, what can a company do to manipulate that information beyond a strong technical SEO and content strategy?
White Hat / Black Hat SEO | | RachelEm0 -
Is Meta Keywords Important For Websites?
Hi, I understand that meta title and descriptions are very important for websites. I would like to know if meta keywords are important? I have seen people talking about meta keywords are useless and it should be removed from the website to prevent competitors from knowing your keywords. Anyone has anything to share? 🙂
White Hat / Black Hat SEO | | chanel270