Go Back   Wiki NewForum > General Discussion

General Discussion WikiPedia, WikiHow, Which is best, Which is Better, How to, Top 10, Tips, Bikes Forum, Mobile Forum, Gadgets Forum, Health and Food Forum, Sports Forum, Travel, News Breaking, New Information, India Forums, IPL 10 Forum and More

Reply
Views: 293 Source: CNN18.com, India-Forums, TellyChakkar, India, Times of India, Youtube, BollywoodLife, Rediff  
Thread Tools Rate Thread Display Modes
  #1  
Old 12-11-2009, 07:11 AM
bholus10 bholus10 is offline
Award Winner
 
Join Date:
Nov 2009
Posts: 10,086
Default Defend Against Black Hat SEO: Your Webhost Can Help

The world wide web is a dynamic, exciting place to launch a new business or promote your organization’s message. It’s also a lawless landscape in which black hats – crackers, hackers and other on-line evil doers – roam with very little oversight or law enforcement.

And that means it’s up to every site owner to ensure that his or her site is defended against intrusions, code injections and other forms of attack. There’s plenty of software to help keep hackers out of your desktop pc, but what about your hosting service? How can you protect server-based data?

Top-tier web hosting firms design proprietary hardware and software protection to ensure that your business is secure. But site security doesn’t stop with impenetrable firewalls, spam zappers and e-mail scanners. In fact, if you go with a hosting service that isn’t up to speed on the latest forms of hacker attackers, you could quickly find your site is no longer under your control!

Great hosts “harden” their server systems to deter and deflect known exploit points in the software the servers run and in any client-site’s code! There is where the value of quality hosting comes into play .

XSS Attacks



XSS stands for cross site scripting and it poses a threat to even the most secure sites because XSS exploits vulnerable hardware and software holes that allow black hat SEOs to circumvent commonly employed security systems. In an XSS attack, black hats inject malicious HTML script into site pages of other domains. They do this for two reasons.

First, in some instances, black hats inject undetected scripting into competitor sites to taint these sites when SE bots spider them. Imagine, a competitor is able to access your site’s code, insert invisible text (at least invisible to you) and, when an SE bot discovers this invisible text, your site is slammed. Even banned from Google. Don’t think it can happen? It closes down on-line businesses daily.

So what kind of attacks can be “planted” on your site? There are plenty:

- Redirects take visitors to another site as soon as they reach yours.
- Overloading alt tags, meta tags and other interior coding with keywords, sometimes called keyword stuffing.
- Inaccurate or misleading keywords inserted within site pages.
- Cloaking, which detects search engine spiders and changes site text to improve PR.
- Pagejacking, the practice of stealing site content, can not only cost you in sales, it can also slam your PR because your content isn't “original” any longer.

Any of these black hat SEO tactics and more (spamglish, links farms, virus injections, etc.) can and will do severe, if not irreparable, damage to your on-line enterprise. Why?

Ads

Last edited by bholus10; 12-11-2009 at 07:12 AM.
Reply With Quote
  #2  
Old 12-11-2009, 07:12 AM
bholus10 bholus10 is offline
Award Winner
 
Join Date:
Nov 2009
Posts: 10,086
Default

SE Bots Are Brainless



SE spiders are dumber than a box of rocks. Theyíre unable to discern legitimate text from a malware injection. They rely, solely, on automation to assess and categorize a site. Thereís no subjective analysis. Just text strings that are sorted completely by brainless bots.

A competitor, using one of the XSS attacks listed above, exploits to ďde-optimizeĒ and make it appear that youíre using black hat SEO tactics, or can gain access to your site through a web browser and/or inject toxic data to devalue your content.

Google Penalties For Black Hat Tactics



The purpose of any search engine is to deliver relevant, useful SERPs to usersí queries. So, when a Google bot discovers what it perceives as an attempt to falsely increase value, the site may suffer serious, site-threatening sanctions.

Some of these penalties may be imposed without you even knowing about it Ė until you discover that site revenues have dropped 75% in two days as a result of lost rankings and traffic!

A site discovered to employ black hat SEO may be penalized in page rank, may lose PR altogether, may experience SE indexing issues (partial or mis-indexing, for example) and, for the worst offenders, banishment from the Google site altogether. Dead in the eyes of Google bots.

So, hereís the problem: without your knowledge, a black hat competitor can inject toxic script into your site that could, conceivably, get your site banned from Google. Even if you and your web host have all the firewall and intrusion detection protection there is.

It Gets Even Worse



The second reason black hats use cross site scripting is to actually gain access and control of your on-line business. Certain types of XSS attacks actually enable a complete stranger to acquire the same system privileges reserved for the site owner - you.

Access to sensitive customer data, bank account information, the entire back office Ė all can be achieved with relative ease by a knowledgeable cracker looking to steal and plunder your site.

Whether the black hat is a competitor who wants to eliminate the competition, or a script-kiddie looking to clean out the till and sell some credit card numbers, your on-line business is at risk regardless of how much security you and your web host deploy.
Reply With Quote
  #3  
Old 12-11-2009, 07:13 AM
bholus10 bholus10 is offline
Award Winner
 
Join Date:
Nov 2009
Posts: 10,086
Default

This Is Where Quality Web Hosting Enters



During the design, administration and growth of a web-based business, numerous tools and applications are used by site owners and designers. Thereís site building software, email management software, a check-out, customer database, automated shipping apps, tools for developing site metrics and many others.

This software isnít necessarily designed with security as Priority One. Often, there are openings in commonly-used ebiz software that are exploited by black hats during the execution of an XSS attack.

And, because of the nature of these attacks, system and server security measures can be breached because, in essence, the hackers piggyback their way onto an unsuspecting site using the site administratorsí credentials to gain access and/or control.

The key to protection from XSS attacks is in the proper configuration of all of the applications and tools that comprise your on-line enterprise. These apps must be synced up to work together while, at the same time, developing protection against XSS attacks.

This configuring of applications is done at the host level and should include a detailed analysis of potential XSS entry points within the siteís design and reconfiguration to fit the server security already in place.

Go With The Host Who Knows



If your web hosting service isnít familiar with the growing danger of XSS attacks based on application exploitation points, consider finding a more informed host.

Itís not a matter of securing your business system locally. And itís not a matter of the multi-layers of protection offered by your web host.
Reply With Quote
  #4  
Old 12-11-2009, 07:13 AM
bholus10 bholus10 is offline
Award Winner
 
Join Date:
Nov 2009
Posts: 10,086
Default

This Is Where Quality Web Hosting Enters



During the design, administration and growth of a web-based business, numerous tools and applications are used by site owners and designers. Thereís site building software, email management software, a check-out, customer database, automated shipping apps, tools for developing site metrics and many others.

This software isnít necessarily designed with security as Priority One. Often, there are openings in commonly-used ebiz software that are exploited by black hats during the execution of an XSS attack.

And, because of the nature of these attacks, system and server security measures can be breached because, in essence, the hackers piggyback their way onto an unsuspecting site using the site administratorsí credentials to gain access and/or control.

The key to protection from XSS attacks is in the proper configuration of all of the applications and tools that comprise your on-line enterprise. These apps must be synced up to work together while, at the same time, developing protection against XSS attacks.

This configuring of applications is done at the host level and should include a detailed analysis of potential XSS entry points within the siteís design and reconfiguration to fit the server security already in place.

Go With The Host Who Knows



If your web hosting service isnít familiar with the growing danger of XSS attacks based on application exploitation points, consider finding a more informed host.

Itís not a matter of securing your business system locally. And itís not a matter of the multi-layers of protection offered by your web host.

Itís a matter of thinking like a black hat and taking a proactive stance against XSS attacks they may employ. If you arenít sure your site is protected, and your hosting rep canít provide the assurances you require, talk to another hosting company before disaster strikes and your site is banned from Google.

Itís that important.
Reply With Quote
Reply

New topics in General Discussion

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Forum Jump


Powered by vBulletin® Version 3.8.10
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
asp web stats