Hello, my name is Daniel Burns. I am the COO here at BSM. Chris is going on a well-deserved vacation today. So I am doing the Friday SEO tip for today. One of the things that we take very seriously and it’s very important, and I thought it was a good idea to share with everyone, is website security and how that affects SEO.
The reason it’s so important case study here. We had a client that didn’t have very good security on his website. They got hacked, and they had malware on the site. What happened is that Google re-indexed his website, and by the point that they re-indexed it, they put a warning on the search results saying this site might be infected. Eventually, what happened, because they got infected, they lost all of their rankings. For obvious reasons, Google doesn’t want to put a sign up there that people are going to click on and get infected. What happened is because the website got infected, much of the SEO traction that has been gained over the years from 1 minute to the other got lost. Not only that, the site got fixed within a couple of hours, but it took almost six months again for Google to bring back the rankings to where they were before. The real bad side of being hacked or having a site that’s not secure is that once you actually get put in the sandbox by Google, they’re going to take their sweet time to get you back up. So you really want to do everything you can to be able to secure the sites and make sure that this doesn’t happen to you.
I’m going to show you what we do to our personal sites and what we do to some of our customer sites. There are two things that are very important. First and most importantly is making sure that if you have a WordPress website, that you’re hosting on a WordPress-focused hosting. They do really good. The infrastructure is focused on WordPress. The company that we use, we really like is WPEngine. I’ve used a lot of different companies over the years. WPEngine, if you have a WordPress website, is probably one of the best ones out there. Not only it’s a great platform, but it’s also got a really good user interface for the administration. One of the features that I love about them is that they have the ability for you to reinstate a backup right away. So if something happens, you can do that on your own really quickly. Customer support is awesome. So if there’s anything with the site or with the hosting, there’s always someone to chat with. But, the important thing, the reason that I reuse them for security reasons, is that they are always updating the server-side of things. They’re always upgrading the PHP. They’re always sending notifications. If you have a plug-in or something on your site that could be a liability as well, they’re always proactively looking at the security and updating the website. That’s very important. Number two, is that you keep your plugins updated, especially if you’re using WordPress. Right here, we’re looking at the plugins for our site, and you’ll see that what I did here is I enabled auto-updates. This is probably the best thing that you can do to make sure that these plugins are automatically updating. Again, probably, one of the biggest liabilities or infiltration points for viruses is these plugins don’t get updated.
As you can see here, there are probably one or two more that I have to update. But because I have these updates set to automatically update, they’re automatically updated. So that’s on the server-side. That’s the first thing that we do to our WordPress websites. The second thing is an additional layer of security, which does a lot of different things. Some of it WP engine does, some of it doesn’t. But I like to have a combination of both of these things in there. And this is Sucuri.
Sucuri is a company that focuses on cleaning sites that have been hacked. So if you ever get hacked, these guys are really good about going in there and cleaning things up. They have a subscription plan that will look a little bit like this. This is ours again, Boulder marketing SEO company. The thing that they’re doing is they’re always checking the website to make sure that it’s not infected. The thing about this, which is really cool, is that they’ll check it, and if it’s infected, they’ll go in there, and they’ll clean it even before Google indexes it and picks it up. They have something here called a Server Side Scanner- a little piece of software inside the actual website. They’re scanning from the inside at all times, which is really great. The other thing is the site is up and running. If the site goes down for any reason, I immediately get a notification and then I know something’s off, and I can go there and address it.
Last but not least is the firewall. The firewall for us is really important. What it does is I can prevent anyone from logging into our WordPress website. I have to go in here, and I have to whitelist a specific IP. If I have a new developer somewhere who’s trying to log in, they’re going to be blocked unless I give them access. So between the firewall and the server-side scanner and all of the protection that Sucuri gives you and with the understanding that if something happens, they’ll go in there and they’ll fix it right away, and then all of the kind of WordPress focused performance things and security that WP Engine gives you, those are the two things that we implement on our own site, and those are the two things that we implement for most of our customer sites that need that security.
What I’m talking about here is mostly WordPress today. If you have a Shopify website, Shopify takes care of all of that security, so that’s not something that you have to worry about, but for a WordPress website, you really have to be on top of things. There is a WPEngine – affordable hosting totally worth the cost. Sucuri, it’s a yearly subscription, but in my view, it’s totally worth it. It’s a small price to pay to make sure that you have that peace of mind that your website is not going to get hacked and, most importantly, that you’re not going to lose a lot out of that SEO traction that you’ve gained over the years. I think that’s really the big takeaway from here.
So that’s it. Keep your website safe, and reach out if you have any questions. Thank you.