Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SearchLeeds 2018 - Julia Logan - Irish Wonder - How to audit your site for security

564 views

Published on

Nobody likes a site with security issues – neither Google nor your visitors. (Hackers do but you probably don’t want to make their life easier at your expense, do you?) Making sure your site is secure can save you a lot of headache. Luckily, you don’t have to be an InfoSec whiz to do it – find out about some simple checks you could incorporate into your regular onsite audits to help make your site more secure.

Published in: Marketing
  • Be the first to comment

  • Be the first to like this

SearchLeeds 2018 - Julia Logan - Irish Wonder - How to audit your site for security

  1. 1. #SearchLeeds2018
  2. 2. @irishwonder IrishWonder’s SEO Consulting WHY SECURITY MATTERS?
  3. 3. @irishwonder IrishWonder’s SEO Consulting NOT JUST BECAUSE OF GDPR
  4. 4. @irishwonder IrishWonder’s SEO Consulting SEO NIGHTMARES
  5. 5. @irishwonder IrishWonder’s SEO Consulting HACKED SITES, NO WARNINGS
  6. 6. @irishwonder IrishWonder’s SEO Consulting BY THE TIME YOU SEE A WARNING HERE, IT MIGHT BE TOO LATE
  7. 7. @irishwonder IrishWonder’s SEO Consulting GOOGLE WEBMASTER GUIDELINES:
  8. 8. @irishwonder IrishWonder’s SEO Consulting YOU ARE THE ONLY PERSON RESPONSIBLE FOR YOUR SITE’S SECURITY
  9. 9. @irishwonder IrishWonder’s SEO Consulting MYTH: SSL = SECURE SITE
  10. 10. @irishwonder IrishWonder’s SEO Consulting WHY SITES GET HACKED
  11. 11. @irishwonder IrishWonder’s SEO Consulting PARASITE PAGES
  12. 12. @irishwonder IrishWonder’s SEO Consulting CRYPTO MINING
  13. 13. @irishwonder IrishWonder’s SEO Consulting Data source:
  14. 14. @irishwonder IrishWonder’s SEO Consulting
  15. 15. @irishwonder IrishWonder’s SEO Consulting TWO SCENARIOS OF A SECURITY AUDIT
  16. 16. @irishwonder IrishWonder’s SEO Consulting PLANNED HEALTH CHECK
  17. 17. @irishwonder IrishWonder’s SEO Consulting …OR FIRE ALARM
  18. 18. @irishwonder IrishWonder’s SEO Consulting PLANNED HEALTH CHECK SCENARIO: SHOULD BE PART OF SITE AUDITS
  19. 19. @irishwonder IrishWonder’s SEO Consulting CHECK WHAT GETS INDEXED
  20. 20. @irishwonder IrishWonder’s SEO Consulting CHECK FOR KNOWN VULNERABILITIES
  21. 21. @irishwonder IrishWonder’s SEO Consulting REMOVE UNUSED PLUGINS
  22. 22. @irishwonder IrishWonder’s SEO Consulting REVOKE UNNEEDED ACCESS
  23. 23. @irishwonder IrishWonder’s SEO Consulting CHECK IF EVERYTHING IS LATEST VERSION (AND IF THE LATEST VERSION IS SECURE)
  24. 24. @irishwonder IrishWonder’s SEO Consulting
  25. 25. @irishwonder IrishWonder’s SEO Consulting
  26. 26. @irishwonder IrishWonder’s SEO Consulting
  27. 27. @irishwonder IrishWonder’s SEO Consulting
  28. 28. @irishwonder IrishWonder’s SEO Consulting
  29. 29. @irishwonder IrishWonder’s SEO Consulting A WORD OF WARNING ABOUT SUCURI: IT’S AN EXCELLENT FIREWALL BUT CAN ONLY SEE SO MUCH FROM THE OUTSIDE
  30. 30. @irishwonder IrishWonder’s SEO Consulting CHECK YOUR SSL CERTIFICATE
  31. 31. @irishwonder IrishWonder’s SEO Consulting YOUR SSL IMPLEMENTATION IS ONLY SECURE IF YOU CONSISTENTLY LINK TO SECURE RESOURCES
  32. 32. @irishwonder IrishWonder’s SEO Consulting FIRE ALARM SCENARIO: WHEN YOU ARE HACKED/ SUSPECT A HACK
  33. 33. @irishwonder IrishWonder’s SEO Consulting HOW DO YOU KNOW YOU’RE HACKED?
  34. 34. @irishwonder IrishWonder’s SEO Consulting STUFF IN YOUR SITE: SERPS THAT SHOULDN’T BE THERE
  35. 35. @irishwonder IrishWonder’s SEO Consulting SITE SUDDENLY GETS MUCH SLOWER
  36. 36. @irishwonder IrishWonder’s SEO Consulting  Check your server logs to see any unusual URLs being requested  Check Majestic for your indexed/linked to pages  Check Google Search Console for unusual queries, URLs and crawl errors
  37. 37. @irishwonder IrishWonder’s SEO Consulting ACT QUICK (BUT DON’T PANIC)
  38. 38. @irishwonder IrishWonder’s SEO Consulting HAVE A CLEAN BACKUP
  39. 39. @irishwonder IrishWonder’s SEO Consulting DO NOT DELETE ANYTHING UNTIL YOU KNOW WHAT HAPPENED
  40. 40. @irishwonder IrishWonder’s SEO Consulting UPDATE ALL PASSWORDS
  41. 41. @irishwonder IrishWonder’s SEO Consulting REMOVE VULNERABLE ELEMENTS (IF THERE IS NO FIX CURRENTLY)
  42. 42. @irishwonder IrishWonder’s SEO Consulting UPDATE VULNERABLE ELEMENTS (IF THERE IS A FIX)
  43. 43. @irishwonder IrishWonder’s SEO Consulting CHECK IF YOUR MAIL SERVER IS AFFECTED
  44. 44. @irishwonder IrishWonder’s SEO Consulting CLEAN UP YOUR SERPS
  45. 45. @irishwonder IrishWonder’s SEO Consulting • info@irishwonder.com • Twitter: @irishwonder • Slideshare (for this and other decks): http://www.slideshare.net/irishwonder/ • LinkedIn: linkedin.com/in/irishwonder • Blogs: http://www.irishwonder.com/blog/ - general SEO http://www.irishwonder.syndk8.co.uk/ - darker areas

×