Website Security
Don’t think Your Organization Needs a Website Security & Maintenance Plan?
Neither did I in March of 2018.
NOW….. I’m a woman on a mission! My site was hacked not long after Godaddy was hacked in August of 2018. What? At first, I was having the pity party of a lifetime. “WTH…Why me?” I just spent 12 months and countless hours redesigning and creating content, then launched the new website in April 2018. In August, some hacker decides to make my website his testing ground to wreak havoc on my business. Livid doesn’t begin to express the emotions.
And What To Do About It …check out our Website Security & Maintenance Plan
Then I realized this is an opportunity to learn all about what just happened here and what can I do about it? How to fight back! Why? So I can do this for all my clients and have the strategic weapons to prevent hackers from violating any of our websites ever again. “Never” is a pretty tall order. But at Hit-the-Web Marketing, that is one of our latest and ongoing missions.
I find a little consolation from WordPress saying “don’t feel bad this is happening to even the best of cybersecurity companies”. It’s happening to large companies who are investing megabucks to secure their information as well as their client and patient information. So, hacker, you have nothing better to do than to bring down good business? We are not going to take this. I never stand down from a bully. Cyberbullying is an even bigger coward. No face to him or her. How convenient for you.
Here’s what I have found so far. The following signs start showing up in places you may not consider. Read On.
- Website issues
- Email Marketing Issues
- Social Media Issues
- Strange files on the server
- Our Website is Blacklisted
- Our Google ranking is demoted
- Erroneous Backlinks with Phantom URLs
- Redirects to phantom pages
Signs Your Site is a Victim of a Hacker Playtoy
Website Ahead Contains Malware
An unsuspecting returning business owner called HTWM to help with online marketing. My attempt to look at the website …here’s what we found. Is this a hacked site?
The message says “404 There isn’t a GITHUB PAGES SITE HERE If you’re trying to publish one ….”
You may see a message with the red screen of horror.
“The Website Ahead Contains Malware! Google Chrome has blocked access to malware.testing.google.testing for now. You may have visited this site in the past. Doing so now is very likely to infect your Mac with malware. Malware is malicious software that causes things like identity theft, financial loss, and permanent file deletion.”
Your email campaigns are giving your readers a warning that your site may be hacked.
We were developing one of our monthly email reward programs, all the while malware was lurking. We sent our email to a couple of our testers. As one tester clicked a link to the website, he reported that he received notice of the website containing possible malware. “Ok,” I said, “I’ll look into it.”
I didn’t. He was right!
Don’t take this lightly. I did. I figured it was because I was sending a test email. Little did I know a virus was lurking and spreading all sorts of havoc.
Lesson Learned. emails with links to your website will give warnings to possible malware if they click forward on the link.
Your Social Media Has Signs of Malware
Linkedin will show malware in your profile link to your website
Twitter would not allow us to post tweets that include links to our website. I couldn’t understand why… until I found out why. The site was hacked.
Facebook didn’t show any signs that anything was wrong. No flagging of links to the website here.
Scan Website for Malware
A dashboard within a website malware scanner Sucuri shows me a list of what was going on with malware as it infiltrated all our hard work! You can see McAfee and Spamhaus blacklisted the website, it was indicating that our domain was a Critical Security Risk. This means a Critical Security Risk to my customers, clients and to my visitors. Also states that the version of PHP needs to be updated. Note it is only .1 version away from the most recent version.
WordPress’ most vulnerable plugins
Erroneous Files on Website Hosting Server
I found files on the server where my website files reside with names similar to agldktje.php.
Backlink Signs of Hacked Website
I used Neil Patel’s backlink report to find backlinks to URLs that we didn’t create.
For example, as the image above shows “Police Radio codes victoria australia hitthewebmarketing.com/agldktje/nlaceljk.php?tykesaw=police=radio-codes-victoria-australia” a totally random directory and PHP files that never before existed. And they no longer exist.
Google Rankings Drop Due to Malware
Your Google ranking will be demoted. Yes, all the hours spent searching for the best keywords, using them in the content are demoted in a swipe of the evil witches’ wand.
Conclusion
In conclusion, your countless hours of content creation, search engine optimization, creatives of your most important online business asset – Your Website – can vaporize in an instant, if you are not paying attention and taking proactive steps. What is at stake is your reputation, your website, your social media, your email marketing, your search engine ranking. It can ruin your business, and most importantly if a visitor, client, customer, or prospect has been infected it can ruin their computer and possibly their business. It is bad enough if they receive the screen of red horror. What are the chances they will return to your website? Two chances; slim and none.
How Hit-the-Web Marketing Helps Our Clients Handle Their Website Security
Hit-the-Web Marketing knows first hand how to deal with this situation. We now know all the steps needed to recover from this tragedy. We have plans, policies, and procedures in place to ensure this doesn’t happen again. It’s part of cybersecurity and we are on it! We can help put procedures in place for your business website before this ever happens to you. We have been in the technology industry for over 33 years. We can help you.
Here’s What to Do About it!!! We built a Website Security & Maintenance Plan to help ensure this doesn’t happen to you.
Can you do this yourself? If you are technically inclined. What do you want to focus on? Building your business or spending hours ensuring your online presence is safe. Let us take the worry out of your business becoming the next victim. It’s not a matter of if, it’s a matter of when.
Updating Software Can Take Down Your Website
Some things can go wrong when the software is updated. We have seen this take down websites. They then have to be restored from backup. Don’t have a backup? Then it’ll cost you to have another website built. Try to remember all that you have into this one. It can be a nightmare. We have been able to rebuild websites in a day with our procedures.
Why Hit-the-Web Marketing? The Technical Knowledge
We have the technical know-how to correct things when good intentions go wrong. Keeping your website safe means keeping software updates, having scheduled backup procedures in place, backing up in more than one location, scanning for malware, and preventing login attempts and ensuring hackers accessing your website by guessing passwords doesn’t happen. We provide monthly reporting so you can see what has been done to keep your biggest online business asset – your website – safe.
Carol is the founder of Hit-the-Web Marketing since 2009. She's been building websites and marketing campaigns from scratch into something scalable and successful for over 20 years.
We build websites around lead generating strategies. Then, we go to work driving traffic to your website, converting visitors into customers, and nurturing and retaining your customers. Our main service is Google Ads. Because 92.07% of people searching on the web use Google as their search engine of choice.