You can have a robust code, strong passwords, an up-to date CMS system and plug-ins but that doesn't prevent someone from breaking into your website. In a recent post in the Webmaster Central Blog, Google explains how hackers take advantage of vulnerable sites by adding spam my content and redirecting users to harmful or undesired locations.
In order to protect the users from spammy content, Google unfolded a list of guidelines to help webmasters find hacked content on their websites and tips to fix and prevent hacking.
No website is hacker-proof. So once you discover that your website has been hacked, it is important that you get rid of it as soon as possible. In order to find and fix the hacked content, Google suggests:
- Perform a “site:” search of your website to check for suspicious URLs and directories. You can also set up a Google Alert for your site to receive an e-mail from Google whenever suspicious keywords are detected on your website.
- Inspect for unnatural queries on the Search Queries page in Webmaster tool. Checking the returned URLs from your site for unexpected queries can help you in finding the hacked content. If you find queries in different languages, get alert, because this can be an indication of spammy pages placed in other languages on your website.
- By enabling e-mail forwarding in Webmaster tool, you can receive messages by Google, whenever it detects hacked content on your website.
Google's recommendations to prevent hacking of your website:
- Be a regular reader of the Security Issues section in Webmaster tool to discover the hacked pages detected by Google on your website. Google also provides a detailed document to help you fix your hacked sites.
- Google advices to have an eagle's eye on the potential attacks on your sites rather than cleaning up the mess later. You can do so by updating your software and website management tools regularly. Most importantly, choose a hosting provider that you can trust to maintain the security of your website.