Has your website ever been hacked? Mine has. In fact, this blog is two years older than it appears to be because a few years back, hackers hacked into my server and wiped out all of my databases. At the time, I wasn’t using an automatic backup plugin, like I am today, and I lost two years of content! That sucked.
But there are other types of hacking. Cloaking is a big one, and if your site is getting lots of traffic from Google, you could be a victim. Hackers may try to take advantage of that by getting into your account, and teaching your server to show different pages to search spiders than the ones you created.
Here’s how it works:
Hackers get into your server and add a meta tag to the head section that redirects visitors to their spammy or porny site, but when search spiders come, they see the site that’s supposed to be shown — yours.
They can also come in and add links to spammy sites right amongst your good content. Or, they can set up phishing sites using your hosting account.
None of this is good for you because… Google or Bing or whomever won’t know that you’re not the one changing the “meat suit” (the pages with your good content), and you may be banned from the index for cloaking pages. Plus, you don’t want visitors clicking links in your content and finding ugly stuff that you never intended for them to see. They won’t know that it’s not you adding the nasty linkage.
How do you know?
It’s easy to check and see what’s going on, if you are familiar with HTML. Just check your page for a redirect meta tag or any other meta tag that doesn’t look right or that you didn’t add. Also look for javascripts or other elements that you didn’t add to your page.
If you’re not familiar with HTML, you can just type in the site: query into Google (site:yourdomain.com) and see what comes up. Click on some links and see if they lead to the pages you intended. Your home page is the most likely candidate for hackage.
But also go into your server via FTP or your File Manager periodically and make sure there are no subdomains that you didn’t add. Those would be your phishing sites. I had that happen to me, too. Needless to say, I dumped that hosting company like a hot potato once I figured things out.
What to do…
Get a secure hosting company, such as Host Gator. I’ve used them ever since that happened way back in 2006, and I know they’re watching things. They rock!
Plus be sure to create a really good password for your hosting account. Use upper and lower-case letters, numbers and symbols and you should be good to go. Using simple words or numbers won’t cut it. They’re too easily hacked.
So, that’s it. If you’re not making the sales you think you should or getting the comments or whatever… if you just think things aren’t what they should be… Make sure that you haven’t been hacked, and if you have, get rid of the bad stuff before it hurts you.
