An Innovation for the SEO Industry
April 6, 2012
Short honk: Navigate to “We Got Hacked for SEO, As Did Other Major Technology Sites.” If accurate, the story is that quasi SEO folks gained access to certain “major” information services and put in “juicy links and an occasional canonical tag.” The idea is to generate traffic for a site unknown to the operators of the “major” sites. SEO has broken new ground. Fascinating. Is there a conference for this yet? Another question I am considering is, “If a major technology site is vulnerable, how secure are these “major” outfits’ Web sites?”
Stephen E Arnold, April 6, 2012
Sponsored by Pandia.com
Comments
- Subscribe to Beyond Search
Feature archive
News archive
-
Hardly a new ground, where hacking of sites has been going on for years, either for SEO backlinks or affiliate cookie stuffing.
But let’s make sure everybody understands, both the SEO and Affiliate industry see hacking as unethical and it is probably against certain countries laws.
This is not the newest trick in the tool box of every SEO!
The big sites that use the WP Pro service from Automattic are probably in better shape than many who run their own infrastructure, but big in terms of traffic doesn’t mean big in terms of spending on security and infrastructure.
Most sites using WordPress leave themselves vulnerable. At the very basic level if you run WP, you should:
+replace the user “admin” with anything else as the administrative user
+set WP to only allow https connections to wp-admin
+always use SFTP when adding plugins or updating WP (never FTP)
+place an Apache password in front of the WP login
There’s a ton of additional stuff that locks things down further, but those 4 things dramatically reduce the likelihood of getting hacked.