Website Security as a Technique for SEO
An econsultancy.com blog posting concerning search engine optimisation (SEO) and website security caught my eye. Website security as SEO discusses how compromise of your web site or web server might lead to it hosting malware and the disastrous, and rapid, decline in search engine referrals.
The discussion references What's An Exploit Worth To Your Google Traffic? which explains the experience of CenterNetworks, a collection of sites helping various industry professionals learn more about topics such as social networking, Web 2.0 and social media. Following a compromise that left malware being served to visitors from their site, traffic was reduced significantly:
At the lowest point, nearly 70% of Google-referral traffic to the site in question was lost
Here's what Google might display after a potential customer clicks on your natural search link, for a web site I almost visited this week:
![Screen capture which is displayed after clicking on a search result hyperlink stating 'Advisory provided by Google - Safe Browsing - Diagnostic page for [site name removed] What is the current listing status for [site name removed]? This site is not currently listed as suspicious. Part of this site was listed for suspicious activity 1 time(s) over the past 90 days. What happened when Google visited this site? Of the 1 pages that we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time that Google visited this site was on 2009-05-13, and the last time that suspicious content was found on this site was on 2009-05-01. Malicious software includes 4 exploit(s). This site was hosted on 1 network(s) including [network name removed]. Has this site acted as an intermediary resulting in further distribution of malware? Over the past 90 days, [site name removed] did not appear to function as an intermediary for the infection of any sites. Has this site hosted malware? No, this site has not hosted malicious software over the past 90 days. Next steps: * Return to the previous page. * If you are the owner of this website, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Centre.'](/posts/2009/safebrowsing-google-malware.png)
With one web page being infected every 4.5 seconds by a new malware attack (New Web-Based Malware Attack Hits Internet with Huge Rate of Infections, 15 May 2009), it is legitimate web sites that are spreading the problem (Legitimate Websites are Hosting Most of the Web-Based Malware Due to Poor Security Measures, 15 May 2009).
Many organisations spend a significant amount on search engine optimization (UK Search Engine Marketing Benchmark Report, April 2009)—a single vulnerability could throw much of that investment away. I have three recommendations:
- think about what you would have to do if the same situation occurred to your web site
- get your web site tested for vulnerabilities that could be exploited to host malware
- make sure you have ways to detect the situation, if it arises, as soon as possible.
And, do them now.
Posted on: 15 May 2009 at 17:30 hrs
Comments are filtered automatically and should appear shortly after they been checked.