Have You Been Hacked?

Traffic is the primary element of conversions leading to sales on websites, and the primary source of traffic for most sites is Google. However, search engines will seriously websites which hosting malware in their domains. Unfortunately, a site can be hacked and infected without the knowledge of either the owner or webmaster.

Have you been Hacked??

Google’s search quality guidelines warn:  “Don’t create pages with malicious behavior, such as phishing or installing viruses, trojans, or other badware.” If malware in your website is the result of successful hacking activity, it can be hard to prove it isn’t you and Google will want to get you out of the results quickly and may not give you time to find the problem.

However, if you can detect malware early, it will not cause as much damage to your websites or your visitors. Google can actually help you, since they have the most effective tools for detecting hacked in malware on your website.

Simply go to http://www.google.com/, and type in site: yourdomain.com (using your domain name where it says yourdomain). Use your domain name only, and don’t include www. so you will get the maximum number of indexed pages.

Google will provide all the indexed pages in your website. If you ahve a lot of pages, change the default view to 100 instead of 10 results per page (you can do this in “Advanced search” under “Need more tools”. Select”repeat the search with the omitted results included” to display hidden results.

Any result that is flagged with “This site may harm your computer.” means that Google found malware hosted on that URL. This means you ahve indeeed been hacked by someone who broke to plant malware.

If you have a Google Webmasters account, you can also fo a quick check by clicking “Labs” in the dashboard, then “Malware details.” If you get the response  “Google has not detected any malware on this site,” then there has not been a hack.

However, you still may not be in the clear. New methods employed by hackers include planting links in the site pointing to spammy websites or  malware domains. If link building is being done that you are your SEO are not responsible for, be suspicious! Tools are available to check external links, however, and you can also utilize your server logs to find out if unknown IP addresses are accessing restricted pages.

Simply log in to your hosting account and copy and paste the access log into an Excel file or OpenOffice Calc. Then you can create filters to eliminate your own IP address and find URLs containing the word “admin”. If you find any and they return  a 404 (not found) or a 301 header that indicates a failed hacking attempt. A 200 OK status may indicate a successful hacking attempt. Use server logs to trace where the hacker visited other restricted pages in your domain, and block them.

To protect yourself, enable logs for admin pages, update your web software, and sanitize user input. Also, use captcha to defeat malware bots, disable unneeded PHP functions, and use strong passwords and SSL. Don’t use default passwords, and never store passwords online. Scan your website regularly as described, and act fast if you think you’ve been hacked. (Your SEO firm may offer services for checking your links.)

admin