To help you identify and prioritize key issues on your website, an alert icon on the state of your site health appears on the Search Console home page whenever Google detects problems or events that prevent it from crawling or indexing it. The following events can trigger an alert about the health of your site.
- Google detected malware on your site.
- An important page has been removed from your site.
- If you intentionally deleted a page that was generating traffic to your site, you can ignore this alert.
- An important page is blocked by the robots.txt file.
- If you have intentionally blocked a page because you do not want it to appear in search results, you can ignore this alert.
I recommend that you regularly check the homepage of the Search Console to verify that your site does not have
Read Also, How to manage your site using search console
How to Secure Your Website Against Malware
To no longer suffer malware attacks, constant vigilance is required. This point contains tips and guidance to prevent a site from becoming infected. However, it is not exhaustive. I encourage you to do more research on your behalf.
Check The Health of Your Website
Many features in the Search Console can help you identify potential issues. For example :
On Google, run a search using the site operator: to see the indexed items. It’s always helpful to check your site to make sure everything is normal. If you do not yet master the search operator site: know that it limits your search to a specific site. For example, the search site: gotryus.com only displays results that come from our official blog.
The Search Queries page lists the relevant keywords that Google has found on your site. If unexpected keywords such as “Viagra” appear in this list, it is because your pages have probably been infected.
The “Malware” page (under Health Status) displays a sample of URLs on your site that contains malicious code. This page also displays samples of the problematic code.
The Explore as Google tool allows you to view a page as it appears for crawlers. If you think a page is infected, you can use this tool to find out what Googlebot actually sees.
When Google detects malware on your site, you’ll receive a notification on the Search Console homepage and an email in your Message Center. If you want to be notified quickly, you can enable message transfer from the Message Center to your e-mail.
In addition to regular monitoring of your site is the key to secure your website. I invite you to follow the below few recommendations:
Choose effective passwords. Gmail guidelines can help you.
Choose your third-party content providers carefully. Be very careful if you intend to install an application provided by a third party, such as a widget, a meter or an advertising network. The ad space is often occupied by third-party content that is not known to the site owner. Although there are many providers of high-quality third-party content on the Internet. Some providers may use these applications to send dangerous scripts to your visitors. Make sure that the application you are using comes from a reliable source.
Does your supplier have an official website with a helpdesk and contact information? Have other webmasters used this service?
Contact your web host or publishing platform for help. Most companies offer security pages and/or reactive and useful help groups. If a site or security page contains an RSS feed, subscribe to keep yourself informed of developments.
Secure all your computers. When working on a website, make sure that the local workstation you are using has up-to-date software. And it does not contain viruses, trojans, or other malware, and that an updated antivirus is installed.
Webmasters Who Have Access To The Server
Check the configuration of your server. The Apache site offers some security tips on the configuration. Microsoft provides technical resources for IIS on its website. Some of these tips deal with directory permissions, server-side inclusions, authentication, and encryption.
Create a backup copy of your .htaccess file, or any other access control mechanism, depending on the platform you use for your website. Use this copy to recover your data if the following procedure does not work. Remember to delete the backup file when you complete recovering your data.
Be sure to install the latest software versions and the latest patches. There are many tools that make designing a site easy, but each of them increases the risk of hacking. Webmasters often fall into the same trap: they install a forum or a blog and do not take care of it later. You must make sure that you have the latest versions of the software you are using. List all the software and plug-ins used on your site and keep track of version numbers and updates. Even if you remain cautious and regularly update the elements of your website, it may remain vulnerable if your web host has not installed the latest operating system updates. Alerts have already occurred on public websites, banks, sports teams, and businesses.
Check your log files regularly
You can secure your website If you take this habit regulary, you will reap many benefits, including increased security. For example, unusual URL parameters (such as “= http:” or “= //”) or traffic peaks on your site’s redirect URLs might indicate that a hacker is exploiting your open redirects. Also, remember that hackers often try to edit log files. Therefore, you must take steps to protect these files. You can move them to a directory rather than the default one so that hackers have more trouble finding them.
Look for common flaws that may be present on your site
Avoid using directories that are accessible to everyone. Indeed, it would be like leaving the door of your home wide open.
Also, check that there are no XSS (cross-site scripting) or SQL injection type vulnerabilities.
Use secure protocols
I recommend using SSH and SFTP protocols for data transfer, rather than protocols that use plain text such as telnet or FTP. SSH and SFTP use an encryption system and are much safer.
Keep up to date with the latest security news. The United States Government Emergency Response Team (US-CERT) also offers warnings and technical safety advice.