Help! My site Has Been Blacklisted by Google!

When you get the dreaded message in your browser, warning you that Google has blacklisted your website because it found Malware, you know you are in for a rough day. However, there are some pre-emptive steps you can take to avoid this happening to your website.

Making sure that your site is protected and secure is important to protecting your online “image.”  Most sites now have a “password strength indicator,” giving you an idea of how good the password is that you’ve chosen.  How effective they are varies depending on the parameters set up to judge the password, and not all strength indicators are created equal.

Here are a few things to contemplate when choosing a password for your hosting account or any content management system (CMS) you might have on your site:

1. DON’T use only numbers. 12345 may be an acceptable combination for your luggage, but not for your hosting account.  Phone numbers, birthdays, and any other number combination that can be publicly accessed is like putting a big target on your account that says “hack me.”
2. DON’T use only letters. Any single word in any language is a bad choice too.  Most hosting companies won’t allow this now, but that doesn’t mean it’s still not out there.  You might think it’s really clever to use “password” as your password, but about 10,000 people thought of that before you did.  And they’re likely regretting it now.
3. DON’T let anyone else have your password unless they manage the account for you.  Even then, you have to be careful.  If you’re a business owner, you’re the face of the business and the person that cares the most about making a good impression on a web site or anywhere else.  If the relationship with this account manager goes sour, having your account info could allow them to do serious damage to your reputation as a reliable resource on the web.  That leads to the next point:
4. DO change all account information before you fire/lay off/change the person managing a hosting account. Do I really need to explain why?
5. DO use a mixture of numbers, mixed-case letters and, if possible, special characters for your password.  ”spacelysprockets” isn’t a great password, but changing it to “Spac3lySpr0ketsRGr8!” becomes nearly unbreakable.
6. DO change your passwords regularly.  The main reason why a lot of hosting companies now require their customers to change their passwords every so often is because they don’t follow the list of recommendations above and don’t have a solid password protecting their account.  Changing your password regularly, though a pain, does increase security.  Get a list of 3-4 passwords that are easy to remember and cycle through them.

So what happens if something slips through the cracks and your site is compromised?  The first thing is not to panic.  Then you should make sure you have this laundry list of things completed to ensure a smooth recovery:

1. Make sure you have a backup.  You’ve backed up your site.  At least once, right?  Because you may need to restore your site from that backup.  Some hosting companies offer backup services for your company’s site as part of their package, but make sure you understand exactly what it is they back up and how often.  You may need to use this backup in order to restore your site into good, working order.
2. Create a Google account to monitor your web site.  Creating a Google account is easy and it opens you up to a plethora of tools that are easy for managing your online presence.  Among them, “Webmaster Tools” offers you several diagnostics for your website, and is easy to set up.  You’ll just need to upload a file in the root directory of your web server so that Google can verify that you actually own and have access to the server.  If your site ever is hacked and identified as distributing malware, you use these tools to notify Google once you’ve cleared up the offending problem.
3. Check your site regularly.  Sure, you may know all the information on your site by heart, but be proactive about checking it regularly to make sure there are no problems.  Your hosting company won’t call you when it’s down or if it’s been hacked.

What do you do to keep your passwords safe? 

Stay Connected

Subscribe