Best Website Security Service
-
Having been hacked twice and, it seems, still suffering from problems as a result (file changes and alterations, etc) I'm wondering if there is a good paid service that provides security for websites?
I'm an online travel agent so our websites "up-time" and search engine position is vital but I'm spending more time trying sort out our websites' security than selling travel.
It would be sensible to pay for a service that would ensure, as much as possible, that our site is secure and any optimisation we do is not cancelled out by hacking and security problems.
If anyone could recommend a good company I would be very grateful.
Colin
-
Thanks very much Matt.
-
No problem - an SSL isn't going to prevent the problem you have, but that is why I mentioned going down the route of an SSL with extras such as daily malware scanning and weekly vulnerability assessment.
Verisign would have most likely alerted you to the potential issue before hand so you could have fixed the vulnerability. Also if your site is compromised with malware it will alert you, so you can take immediate action.
As far as SSL goes; now your site has been compromised and you are acting as a travel agent you want to make sure your pages are as secure as possible and a Verisign logo will help customers trust in entering data into your site.
You will still need to make sure that you employ the help of someone who is knowledgeable on the CMS that you are using to make sure it is setup to the optimum not leaving easily exploited windows open, so to speak.
-
Most compromises of that type I've seen have been down to a flaw in either the CMS or the way it was set up (usually permissions). This type of breech is far more common that cracked passwords, servers being compromised etc. They can be annoying to track down, but are usually more easily fixed.
-
Thanks Matt. I take your point.
We've added a number of security measures to the CMS but it looks like we havent' successfully added enough.
Your suggestion to search the platform specific communities is really useful.
Cheers.
-
Just adding an SSL isn't going to help if you are having the sort of problems that you mention.
Your core issue is most likely to be with your CMS. If that is the case then you are probably best finding someone who specialises in that CMS (or generally in coldfusion) who can find the source of the problem and lock it down.
If you are using an off the shelf CMS make sure that it is up to date and fully patched. Check the platform specific communities for people having similar issues and see whether they have successfully prevented the problem recurring.
Good luck. You might just find that there is an insecure upload script or something and once you find that the problems will just end.
-
Hi Matt, thanks for replying.
I have looked at Verisign but wonder if it's comprehensive enough. (If there is such a service).
I wonder if Verisign's service would flag up or better still prevent something like my robot.txt file being altered by a malicious script?
Or whether the malicious script would not have been able to access my site if I was with Verisign?
Colin
-
Have you considered verisign - http://www.verisign.com/ and one of their SSL solutions, with extras such as
http://www.symantec.com/verisign/ssl-certificates/secure-site-pro-ev?inid=vrsn_symc_ssl_SSPEV
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Our webpage has been embedded in others website using iframe. Does this hurts us in rankings?
Hi all, One of our partners have embedded our webpage in their website using iframe such a way that anybody can browse to any page of our website from their website. It's said that content in iframes will not get indexed. But when I Google for h1 tag of our embedded webpage, I can see their website in SERP but not ours which is original. How it's been indexed? Is this hurting us in rankings? Thanks
White Hat / Black Hat SEO | | vtmoz0 -
I redesigned a clients website and there is a pretty massive drop in traffic - despite my efforts to significantly improve SEO.
Hi there, I redesigned a clients website that was very old fashioned and was not responsive. I implemented 301 redirects, kept the content pretty similar, website linking structure very similar - the only things i changed was making the website responsive, improved title tags, added a bit more information, improved the footer and h1 tags etc.. however although clicks are fairly similar search impressions have dropped about 60% on average over the past week. The old site had some keywords linking to pages with no new content so i removed those as seemed like black hat seo tricks and also there was a huge list of "locations we deliver to" on the homepage followed by around 500 citys/towns I removed this. Could this be the cause for the drop? as i assumed those would do more harm than good? Fairly new with SEO as you can probably tell. Looking for advice on what may be the cause and what steps I should take now. Thanks for reading! duGeW
White Hat / Black Hat SEO | | binkez321 -
Best Location to find High Page Authority/ Domain Authority Expired Domains?
Hi, I've been looking online for the best locations to purchase expired domains with existing Page Authority/ Domain Authority attached to them. So far I've found: http://www.expireddomains.net
White Hat / Black Hat SEO | | VelasquezEF
http://www.domainauthoritylinks.com
http://moonsy.com/expired_domains/ These site's are great but I'm wondering if I'm potentially missing other locations? Any other recommendations? Thanks.1 -
Loading websites faster
which are the best plugings for loading a website faster? Wp smush it+ w3 total cache + having a good theme like thesis? This plugin is good to have? or having w3 total cache is enough: http://wordpress.org/plugins/db-cache-reloaded-fix/ thanks ! Best regards, Sebastian Papp & His Team
White Hat / Black Hat SEO | | Sebastyan220 -
When clients slap 3rd party benners on their website...
Ciao from Latitude 53.92705600 Longitude -1.38481600 Ive got a naughty cluster of clients who are slapping third banner ads on their home pages for reasons that only marketing executives understand. So here i am on the SEO side Ive added _balnks and no do follows on the rogue banners but i'm looking for a plausible argument to sh@t a client up into not doing this. So my question is please:
White Hat / Black Hat SEO | | Nightwing
"What is the number 1 reason why a client should not place third party banners pointing too non relevant sites (eg a web site focused on furniture placing a bed fred banner on their home page)" Let the games begin!
Ciao,
David0 -
My website disapeared from google rankings, please help?
Our website url is http://www.phoria.com Around January 16th we disappeared from google for the keyword 'kratom' We were on page 3 for the longest time. We have no critical messages in webmaster tools however I did notice most of our links seem to be website directory links.We still rank for a couple terms like buy kratom on page 6.I think a google update occurred around this time so I've read however if we had a variety of links that went against google guidelines wouldn't we have received a message stating so in Webmaster Tools?This month has been very confusing to say the least. Any help would be appreciated.
White Hat / Black Hat SEO | | gregdotcom0 -
Website Hacked now it's not Ranking
One of my domains was hacked right before I took over managing it. The hacker created around 100 links for simply grotesque things. After I took over I erased the entire site, rebuilt from scratch, new server (inmotion), rewrote every page, robots.txt every offending page, and even 301 just in case 404s were hurting me. I am now almost a month in and I have seen zero movement on anything rankings based. This is not a bad domain it was registered in 2008 and has a few decent citations because of the Doc's medical license. They registered for BBB in November and have a 30 year old listing citation from them based on business establishment. I must be going crazy but it's not ranking for anything except the homepage. I didn't know Google could hold a grudge for so long. The only ranking I can sometimes achieve is through Google Places which still has to compete with tough domains. I've already put in a reconsideration request and received a response stating the following: We reviewed your site and found no manual actions by the webspam team that might affect your site's ranking in Google. There's no need to file a reconsideration request for your site, because any ranking issues you may be experiencing are not related to a manual action taken by the webspam team. Just check it for yourself I know it's a work in progress but I'm not even considered relevant on page 50! And the crap links are still indexed!! A search for a keyword I'm aiming for with my client's name followed after gives me no results. I am currently using wordpress, yoast xml, and single keyword focusses. My market is tough but no way I can not rank for the keyword and my name.
White Hat / Black Hat SEO | | allenrocks0 -
New website :301 redirection of a established domain
Hello , I am launching a new website which would host user generated content . Based on my brandname i have purchased a new domain . In order to improve SEO rankings i was considering to purchase a good quality domain (have gr8 link backs) and then perform 301 redirection of the domain to the new brandname.co.in domain . Does this work ? Is there any harm in doing this ? . Does the Link juice pass naturally ? Warm Rgd
White Hat / Black Hat SEO | | ShoutOut0