- Impact
- 13,260
In case you need more incentive to keep your site from being hacked, Google is rolling out new algo updates to "aggressively" target hacked spam pages. They are saying it may affect as much as 5% of all queries, which is HUGE (by comparison, the first Penguin update was said to affect only 3.1% of all queries.)
Google Webmaster blog announcement
Story on SearchEngineLand
Hacked pages were always subject to a manual penalty or affecting a site through content or manipulative link penalties, this sounds like it will be much more severe. Hopefully, it will be an easy-reversible penalty that re-evaluates when the site is crawled, not one where you have to wait months for a rollout like Panda/Penguin!
So what should you do?
1) Check your site once in a while
!
2) Verify your site with Google Search Console. They will notify you if they notice your site's been hacked (though they're a little slow on the uptake.)
3) Promptly install updates and security patches
4) If you're using a popular CMS, don't use default settings if you can avoid it
5) Use strong passwords
6) Have a good firewall. Use a firewall plugin for Wordpress, limit login attempts, etc.
7) Use well-maintained plugins
8) Unless you know what you're doing and are committed to learning and following best security practices, avoid Joomla. This is a personal observation, based upon the relatively high percentage of Joomla sites that I've seen get hit.
Google Webmaster blog announcement
Story on SearchEngineLand
Hacked pages were always subject to a manual penalty or affecting a site through content or manipulative link penalties, this sounds like it will be much more severe. Hopefully, it will be an easy-reversible penalty that re-evaluates when the site is crawled, not one where you have to wait months for a rollout like Panda/Penguin!
So what should you do?
1) Check your site once in a while
!2) Verify your site with Google Search Console. They will notify you if they notice your site's been hacked (though they're a little slow on the uptake.)
3) Promptly install updates and security patches
4) If you're using a popular CMS, don't use default settings if you can avoid it
5) Use strong passwords
6) Have a good firewall. Use a firewall plugin for Wordpress, limit login attempts, etc.
7) Use well-maintained plugins
8) Unless you know what you're doing and are committed to learning and following best security practices, avoid Joomla. This is a personal observation, based upon the relatively high percentage of Joomla sites that I've seen get hit.
