This is a guest contribution from Dennis Rundle.
Black Hat SEO practices have been going on for years without any signs of slowing down.
Regardless of the efforts Google makes with the purpose to stop black hatters from attacking vulnerable websites, these tactics haven’t become obsolete. Black Hat SEO practices are usually performed with the purpose to trick search engines. Some of these strategies include doorway pages, keyword stuffing, and invisible text.
Doorway Pages as a Threat to Your Website
Doorway, also known as a bridge page, entry page or jump page, is a page that black hatters design for the purpose of gaining top positions in Google’s search results. This page seems relevant to the search engine because it contains the right keywords. It usually includes hidden text, which is stuffed with keywords and phrases that would rank it in the search results.
Who would be interested to attack your website with a doorway strategy? That would only rank you higher, right?
First of all, let’s clarify one thing: doorway pages are a black hat SEO strategy that won’t help your site on the long run.
When a hacker compromises your website, he will incorporate hidden spammy links that will redirect visitors from the search engine (which is listing this page) to illegal or malicious sites that steal credit card numbers, sell pirated software, offer fake luxury goods, prescription drugs, beauty products and slimming pills, or promote adult/gambling content. As an example, here is the comparison of the regular website of Hope is Life against the page that appears when you follow the link from Google search results:
The techniques that hackers usually use for such purpose include creation of rogue files and directories, modification of existing files, or adding URL rewrite rules to server configuration files. If the webmaster isn’t diligent enough, these changes may remain active for a very long time. Since the hacker can place the rogue content outside of the host site’s file system, you won’t notice anything suspicious when checking the integrity of your website’s files.
Here is an example of a Google search that contains a link to a redirecting doorway page:
As you can see, some of these results are hosted illegally on servers that have nothing to do with the keyword in question. The most common keywords that hackers include in such cases include target words such as price, buy, discount, prescription drugs, porn, casino, payday loan, bargain, cheap, free, review, cheap luxury, along with a branded keyword, such as zanax, cialis, viagra, Chanel, etc.
If you conduct a Google search for buy cialis or buy viagra, for example, you will see many doorways on hacked sites that won’t lead to their actual pages.
How to Check if Your Website Has Been Hacked
Cyber criminals have compromised a huge number of websites with the purpose to put their doorways to top search results on Google. In most cases, the hacked websites link to several doorway pages, so the black hatters increase the chances that the search engine will choose at least one of them to display on the first page of the results. This strategy is also useful if Google or the webmaster removes some of these doorways.
This situation puts your website under risk, since it can be a subject to a Google penalty, leading to loss of traffic and a lot of work to fix the damage. Since it can be tricky to determine whether or not your site has been a hacker’s target, you have to be more diligent than usual.
Here are few of the things you can do in order to detect a black hatter’s attack:
How to Prevent Black Hatters’ Attacks
Prevention is always better than treatment. The best way to avoid unpleasant scenarios caused by a hacker is to make your website really difficult to compromise. These are the things you can do for such purpose:
You simply cannot be negligent when it comes to your website’s security. Only your system administrator should have the permission to maintain the site. Never use default names for application administrators, since they make your website an easy target.
You need to use a website firewall in order to provide strong protection for your website. Firewall technology has come a long way since its beginnings, so you can finally find effective, but affordable options that will protect your website.
You can also use an integrity tool that will notify you about changes in the file system. If you are aware of all changes that are being made, you will immediately spot an attack. Also you could also ask for an advice from our professionals http://webmastersafeguards.blogspot.co.uk/
Remember: You need an efficient remedy
No matter how hard you try to protect your website against hackers, it may still become a target at any moment. If a hacker managed to achieve sneaky redirection, you are in danger of greater damage. This means that you need to have a backup plan just in case. If you perform daily backups of your website, you will avoid losing valuable files in case of attack.
Dennis Rundle is CEO of “Webmastersafeguards”, an internet geek, and security enthusiast. His goal is to promote fair and square rules for all websites and to eradicate malware.
Originally at: Blog Tips at ProBlogger
How to Prevent Black Hat SEO Techniques Against Your Vulnerable Website