Recently Google made some surprising and important announcements on their Webmaster Central Blog. In late September, they announced an observed 180% increase in website hacks and a 300% increase in reconsideration requests related to them year over year. Along with this, they announced some steps they had taken and new tools available to combat these site hacks.
A week later, they announced their intent to de-index sites affected by these hacks both to protect users and discourage the continued use of these tactics by malicious webmasters. They projected these changes to eventually affect roughly 5% of web searches, a sizable figure compared to most of their algorithm changes.
What is Causing This Increase in Website Hacks?
The answer is a complex one. The ubiquity of open source platforms like WordPress is one main reason. Vulnerabilities are occasionally discovered in older versions or in plugins that have not been updated, and scripts can then be created to find the vulnerability and exploit it in thousands of websites at a time. The reasons people have for exploiting these vulnerabilities vary, but two of the biggest are collecting personal or valuable information, and distributing malware.
This year has seen a number of very high profile vulnerabilities that affected millions of sites. The Heartbleed vulnerability in April was the largest of these, and affected everyone using SSL security on their website.
WordPress isn’t the only culprit. Any widely used software occasionally has issues, like OpenSSL in the case of Heartbleed. Server software like Apache and nginx that is out of date can also be exploited. Very frequently, software vulnerabilities aren’t even the cause of hacks. Poor password protection or insecure passwords are another very common problem.
What is the Solution for Website Owners?
For webmasters, it is important to keep website software and plugins, as well as servers, up to date. Servers should also be properly set up and managed to prevent unauthorized access. Passwords should be secure and unique.
If a breach is discovered, several things must be done. First, the vulnerability that allowed the attacker access must be identified and closed. Second, any files left on your server must be cleaned out. Simply restoring from a backup isn’t sufficient, as the attacker may have left files hidden on your server that allow them a way back in.
The ‘Fetch as Google’ tool in Webmaster Tools is helpful for this, as it allows you to see hidden content that may have been left by the hacker. If you are unsure of how to recover from the hack yourself, it is best to enlist the aid of a developer or security consultant.
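To illustrate why restoring from a backup alone is not enough, here is an added example (not part of the original article) that compares a known-clean copy of a site against the live web root by SHA-256 hash. The directory layout and file names are constructed sample data; the demo shows that copying the backup over the live tree repairs modified files but leaves files the backup never contained.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def manifest(root):
    """Map every file under root (dotfiles included) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath, name)
            if not path.is_symlink():
                rel = path.relative_to(root).as_posix()
                digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare(clean_root, live_root):
    """Report files added to, modified in, or missing from the live tree."""
    clean, live = manifest(clean_root), manifest(live_root)
    return {
        "added": sorted(set(live) - set(clean)),
        "modified": sorted(p for p in set(clean) & set(live) if clean[p] != live[p]),
        "missing": sorted(set(clean) - set(live)),
    }


def demo():
    """Constructed sample: a clean backup tree and a tampered live tree."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "backup"), Path(tmp, "live")
        for root in (clean, live):
            (root / "uploads").mkdir(parents=True)
            (root / "index.php").write_text("<?php echo 'home';")
            (root / "config.php").write_text("<?php $debug = false;")
        # Constructed tampering: one altered page and one extra hidden file.
        (live / "index.php").write_text("<?php echo 'home'; /* altered */")
        (live / "uploads" / ".cache.php").write_text("<?php /* placeholder */")
        before = compare(clean, live)
        # Model "restore from backup": copy every backup file over the live tree.
        for rel in manifest(clean):
            (live / rel).write_bytes((clean / rel).read_bytes())
        return before, compare(clean, live)


if __name__ == "__main__":
    for label, diff in zip(("before restore:", "after restore: "), demo()):
        print(label, diff)
```

Any path still listed under "added" after the restore exists only on the live server and needs to be reviewed and removed by hand.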
After the breach is fixed on your server, it’s important to let Google know that all is clear. With the changes Google made recently, it is very likely that they will have de-listed your site after the hack, so you will need to re-submit the site for approval. You can do that by following Google’s instructions here.