ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

How to Protect Your Website From Hackers, Cyberthugs and Algorithm Changes

Updated on November 9, 2017

The Most Common Site Attacks

Unless you’re the FBI, the IRS or the CIA or someone else with a sensitive high profile organization, you won’t be getting targeted by sophisticated hackers. However, there are plenty of amateur hackers who create automated scripts to penetrate people’s web security and deface their website.

As you can imagine, fixing the damage done by these “script kiddies” can be time consuming and all the while, you could be losing business and credibility. Let’s look at a few simple things you can do to keep these types of hackers from accessing your site.

Simple Site Security Measures

When you monitor the logs of your website, you’ll find that hack attempts typically come from the user-agent “libwww-perl.” These user-agents attempt to access pages (URLs) on your site for the sake of injecting code or uploading files into your site. Once these scripts (often called “botnet” scripts) are injected or uploaded, they can wreak havoc on your website and disable many of your interactive functions such as server side programs.

These types of hacks can be prevented by simple blocking access from libwww-perl user-agents and URLS which include the command “=http:” “=http:” is a common code which is used by who hackers attempting to access your site and connect it to another site which contains the malicious script or software. For example:

This can be prevented by adding a code to your .htaccess file which disallows libwww-perl user-agents from accessing your site:

RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)=http [NC]

RewriteRule ^(.*)$ – [F,L]

In addition to blocking access from potentially harmful agents, you’ll want to block the directory browsing on your website. When directory browsing is enabled, users can access directories/folders which contain your files, this means your web pages, your CSS files and any files which are uploaded to your server. You can block directory browsing on your site using the following steps:

  • Click on the “index manager” option from your CNC panel.
  • Click on the directory/folder on which you wish to disable browsing.
  • Select the “no index” option and save your settings.

Once you’ve completed this, you can double check the blocked settings by typing the directory URL into your browser. Repeat this set of steps for every directory which you wish to block directory browsing on, which (with very few exceptions) would be all of your directories.

Other Security Precautions to Consider

In addition to blocking directory browsing and libwww-perl access, have your web programmer change any scripts using the GET command and have them replace that command with the POST instead. Without getting into the VERY detailed explanation of the difference, the GET command is much less secure than POST and there’s really no difference in the options provided by either.

Also, before you change any of your file permissions to 777 (read/write/execute) be sure that you a specific reason for doing so. Most of the time, it’s better for you to leave these changes to your web programmer. If you purchase a piece of server side software which requires you to change file permissions to 777, be sure that you thoroughly research it on all the major search engines before using it and to proceed with caution.

If you require the assistance of a web programmer to complete any of the above tasks, you can hire one and they can complete these simple steps in no more than one hour. In fact, you can also hire them to create your robotstxt file, execute your file compression and create your meta tags, all of which they can complete as a reasonable small and inexpensive job.

These simple security measures will keep most cyberthugs out of your website. If you feel that your site might become the target of more experienced and determined hackers, your next course of action would be to hire a professional web security consultant. However, unless you’re a high profile organization with supersensitive and valuable data on your site, these measures alone will most likely solve your security concerns.

Algorithm Changes Hurting Your Website

By choosing to use SEO as a main marketing technique, we give up a portion of our control to a third party. That third party is Google.

Cooperating with Google and adhering to their standards can bring high rewards, so the trade of control is usually worth it. Google receives a new website submission which will hopefully provide the answer to their user’s search queries and we internet marketers get targeted traffic from our submissions. Seems like a fair trade. However, it doesn’t always work out this well.

Within the past two years, Google has been releasing algorithm updates on a large scale. These updates specifically target different types of websites. The Mayday Update, for example, targeted “Google sniper” websites (sites with only a page or two of content built with the sole purpose of getting high rankings for as little effort as possible and selling products or collecting emails) which gamed Google's algorithm to fill up popular search results with spam websites. With the Mayday Update, many marketer’s full-time incomes were gone overnight.

Google followed this with the Panda Update. Although this update was more subtle, the results were staggering. Massive sites which were previously viewed as authority websites lost huge portions of their traffic.

The story doesn’t end there. With each of these updates, Google has cleared the web of spam content and filler niche websites. These spam websites aren’t the only victims, though. Much like the food chain, when you disrupt one group of websites, you dramatically affect the entire internet. When Google updates their algorithm, it can drastically affect ALL websites on the internet – even white hat websites.

In today’s article, we’ll go over a few essential tips to help your website weather any future algorithm updates.

Create a Fantastic User Experience

The first and most important factor to remember might seem quite obvious at first. Provide each visitor to your website with a great browsing experience.

Have you ever had this experience? You search Google looking for answers and the first site you visit is exactly what you’re looking for. This is the effect we need to duplicate with our own websites.

Although this factor is obvious, it’s too often neglected due to laziness or lack of time. It’s not easy to create a great user experience. You need to provide quality content and test it multiple times. Determine what the market wants out of your website and deliver that experience. If you can deliver the ideal experience to your visitors, your odds of avoiding damage in a future update is dramatically increased.

Outsourcing Content? Quality Check!

Content creation can be an extremely time consuming process. Each new website created requires pages and pages of fresh content. If your goal is to run a large authority website, you’ll need hundreds of pages of content. For this reason, outsourcing content is extremely popular.

Outsourcing can be a double edged sword. When you outsource content, you’re again putting control in the hands of someone else. If you have great writers working for you this isn’t a problem. If you have a lower budget, however, you may find that your written content suffers.

With the Panda Update, it has become clear that Google uses content as a massive factor when determining which websites are spam or fluff. It’s more important than ever to hire competent writers and create quality unique content.

Expert or Authority?

The Mayday Update showed us exactly what Google thinks of “filler websites.” If your website is not an expert or authority in your niche, your chances of being effected in a future updunwritten law of quality contentate increase exponentially.

Expert and authority status is gained through content and consistency. If you can provide excellent content within one area of your niche, you will gain authority in that specific area. At this point, it’s time to expand into other parts of your niche. This process demands fresh content for each area you expand into. If all this content is spot on and well written, Google will begin viewing your website as an authority within your niche.

Although the Panda Update hit several known “authority websites,” these websites blatantly played against the unwritten law of quality content. As a result, they were penalized. It’s worth noting that even though these websites were obviously churning out subpar content, since they were authority websites, Google was extremely hesitant to pull the trigger (although they finally did).

If you run an authority website with quality content, you’re in an excellent spot for the longterm.

Keep SEO to White Hat

Last but not least, stick with white hat SEO. It can be tempting to spam links and manipulate Google’s algorithm, but this can be detrimental to your website’s success. SEO takes time, and the only way to speed up that process is to game the search engine.

As we’ve seen in the past, though, black and grey hat SEO can spell disaster to your website’s future. It’s always worth it to go 100% white hat. It might take more time, but you can be sure that your website’s future is much more stable than a website ranking due to shady and manipulative SEO techniques.

Keep Updated on what Google is Doing!

Although Google has the final word with your website, by creating excellent content and staying within white hat SEO, your website will have the best possible chance of succeeding regardless of Google updates.

If you’d like to keep updated on the latest Google algorithms, feel free to sign up for our weekly newsletter. Simply enter your name and e-mail to receive info on the latest SEO and internet marketing strategies for free!


    0 of 8192 characters used
    Post Comment

    No comments yet.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)