Well it is time for another of those moments when algorithms of Google are being roll out. The recent roll out is for spammy queries and hacked websites. The new Google Hacked Sites Algorithm will certainly impact nearly 5 % of all the search queries. The target of this algorithm is to remove hacked sites from the search results of Google keeping the search results very safe.
The Focus of the Algorithm
The prime focus of this algorithm is to tackle spam given in the search results. Various legitimate sites are hacked by spammers and are often used in various abusive behavior like promoting low quality sites, malware, porn along with marketing illegal pharmaceutical drugs.
The Reasons behind Hacking and Spammy Link
Many Website owners in the present times sometimes fail to implement the best security practices for their website which unintentionally leave their website vulnerable so that it can be hacked easily. The list of websites which comes under this list may include small business sites along with big or large scale eCommerce websites, Universities, Company websites, Conferences, Restaurants and even Government sites. Technically spammers as well as cyber criminals look for these sites and inject the pages of the website with malicious code and spammy content to try to get traffic as well as rank in the search engine. Moreover they do so also to steal services and valuable files, collect credit card details, gain entry to servers that contain credit cards details, engage in other forms of credit card fraud.
Some of the techniques which can be used to attack your websites are as follows:
- Injecting Viruses (including embedded trojans)
- Malicious Redirects
- DDOS Attacks
- Malware Code Injections
- Obfuscated JavaScipt Injections
- Hidden & Malicious iFrames
- Phishing Attempts
- Cross Site Scripting (XSS)
- Backdoors (e.g., C99, R57, Webshells)
- SQL Injections
How to Know that Your Website is being Hacked
The big question is that how can a person or an organization get to know that their website is hacked and is out of control? Again you certainly need to find about this hacking before your customer find about it. Well it is not really that hard to find a hack. Here are steps which can surely guide you into taking the steps.
- Google Webmasters Tools
Google will surely watch your site right for the problems scanning and reporting any problems right back to you in the Webmasters tools of Google. The saddest part is that Google is also very good at telling your customers about it. This is the reason why warning boxes are usually seen in the browser while you are visiting a site.
- Any Sort of Unusual Activity
Another indicator that your site has been hacked is the very unusual activity which may come in the form of traffic hike or unusual amount of spam coming. Take the example, if an old post becomes popular without any reason then there might a problem.
With this thought, you should watch visitors coming from unusual part of the world like visitors from Russia coming to a local based website in Nebraska would surely be a very bad sign and surely watch for comments which cannot be explained. If considered practically, excess and unusual foreign traffic with a small stipulated time is the biggest indicator of problem. Take a careful watch on Google Analytics to check the unexplained patterns of usage.
- Careful Study at the Files
Now the whole waiting process will surely not going to help customers as well as you to solve the problem. Now if you have a developer or you yourself can take a look at the code. On your wordpress or other site, you can see the php files, the theme folder, htaccess files or other folders/files in your website’s directory as these are the best places where hackers injects malicious codes.
You can scan the entire file structure for base64 or you may look right at the end of the php files. If there are any unknown files, then there may be something fishy.
Another common trick which hackers make use is of scheduling a task right in the background to properly re-infect the site to clean it or performing some malicious chore. Take a proper look at the CRON jobs scheduled on the server or on the hosting environment. If there is anything scheduled you do not know about, then a easy check on the commercial hosting providers can give idea about the hacker’s work.
How to Recover Hacked Sites
Well the whole question of a website getting hacked with malware or spam can really be stressful. That is the reason why Google has been working on a recovery process. Well the happy news is that there is a new feature right in the Webmasters tools called security issues.
If you are a verified website owner, then you will be able to
- Get more information about the issues on security of your site in one place.
- Getting the problem faster with detailed code snippets.
- Requesting a review for various issues in one place with a simple process.
Get more information about the issues on security of your site in one place
As Google detects that your site is hacked with malware or spam, it will show each and everything right in the same place for reference. In the section of security issues, you will get the information that was previously available right in the malware section of the Webmaster Tools. In the security issues main page, one can see the type of hacking along with the sample URLs and also the date when the issue was detected.
Image Courtesy: Google
Getting the problem faster with detailed code snippets
Image Courtesy: Google
Requesting a review for various issues in one place with a simple process
The whole process is much more simplified now if you request a review. Once the website is cleaned and all the security holes are closed down, you can easily request a review for various issues with just one click right from the Security Issues page.
Image Courtesy: Google
Guarding against Hacks of the Future
To keep your site healthy and properly running, you should consider taking proper advantages of it. With the help of proper tools you can monitor unusual traffic or any other suspicious behavior to see if the website is being compromised or not.
Taking in the normal security measures like constantly changing the passwords can effectively generate the security for one and all. In fact you can also hire search engine optimization expert to give you detailed idea about various security issues considering the world of hacking.
Barry Davis is a Technology Evangelist who is joined to Webskitters for more than 5 years. A specialist in Website design, development & planning online business strategy. He is passionate about implementing new web technologies that makes websites perform better.