With Google and Bing making web reviews more visible, you’ve probably spent a lot more time concerned about getting and keeping great customer reviews. And a lot more time trying to counter the effects of poor reviews. Reviews from sites you may have never even heard of. Sites with 10-year old reviews. For a growing number of website owners, a very different reputation management problem may be brewing in their own webserver. It may start with a call from a customer.
“My browser is saying your site is dangerous and it won’t let me on.”
You bring your site up, and it looks fine. You call your web hosting provider, who runs a quick scan for you and can’t find anything wrong. But then a few more customers – and even a couple of employees – report similar problems. Someone even sends you a screen shot of Google search results with your website with a huge red flag next to it. You do the same search, and nothing at all seems wrong.
After a few days, you start to notice a drop in customers. Your website traffic is starting to drop. You continue to get reports of website problems from customers.
Perhaps your site really has been hacked. Or it’s a false positive or false report from one of any number of anti-phishing, malware protection, or site evaluation services.
The "Other" Reputation Management Problem
Sites are blacklisted when authorities such as Google, Bing, Norton Safe Web, McAfee SiteAdvisor etc., find irregularities on a website that they deduce to be malware. Malware can come in many forms: trojan horses, phishing schemes, pharma hacks, email or information scraping. Most often, the website owner is not even aware that they have been hacked. However, it's in the search engine's best interest not to show infected results, as they don't want to lose users due to these results putting their computer in harm's way. -- "What is a Google Blacklist"
This technical website reputation challenge is, in many ways, much harder for a typical small or medium-sized business to monitor. Because of the huge number of players and the highly-technical nature of cybercrime detection, you may feel overwhelmed simply trying to understand what you need to do to protect your business.
This isn’t another ‘how-to’ on how to recover your hacked website. I’m going to go over some of the players, how to easily monitor your technical reputation, and some websites you should proactively register and keep bookmarked for future use.
Who Monitors My Website Health And Reputation?
There are three basic types of technical website reporting going on. The first is active website scanning. The biggest players are Google and Bing. These search engines regularly spider your website. If they discover malicious software, suspected website hacks, or suspicious content, they flag their search results and report their findings to their security partners. Many web browsers and antivirus services actively check Google’s Safe Web Browsing for website reputation.
The second main reporting source is by active detection. If someone visits a website, and an active detection tool such as Microsoft Smartscreen, a browser anti-virus plugin, or firewall software detects malware, it not only blocks access but sends reports to back one or more databases and reporting services. These services create “blacklists” for email spam, malware, phishing, and even deceptive website content. These lists are then shared with other services, so that a single detection from a single source can eventually get reported across multiple services.
The third main reporting source is from user notification. Email and web server administrators, technical volunteers, and the general public all contribute to these reporting services. The good news is that, for most services, these manual reports require verification.
How To Watch the Watchers
While there are no inexpensive, comprehensive services that monitor technical reputation services, you can easily check a number of them at once. And a few will notify you automatically of any problems.
Nothing can kill organic search traffic like the prominent warnings the search engines slap onto results containing suspected malware or phishing content. You need to respond quickly.
Register With Google
If your website has been hacked and it is detected by Google, Google Search Console notifies you and provides information about the hack – including examples of the specific code. Google measures the time it takes for you to respond to their notices, and how quickly it cleans up. They also measure your reinfection rate. Finally, the fastest way to get your site reviewed by Google after cleanup is via Google Search Console.
Note for Google AdWords advertisers: I have had multiple sites with minor hacks detected by Google AdWords and not any other service. And unlike Google Search and Bing, the notifications from AdWords are frustratingly generic – you may need to get their support on chat or the phone to give you the specific URL they see problems with. Your ads will be suspended until you correct the problem.
Register with Bing
Bing Webmaster Tools also provides enhanced malware warnings. Bing will also notify when a threat is detected on the site. In my experience, I’ve received warnings from Bing, had the site scrubbed, and everything wrapped up without any other service detecting the problem. Like Google, the quickest way to get your site reviewed after cleanup to make the request via Bing Webmaster Tools.
Register with Norton Safe Web
The Norton Safe Web product both actively crawls and analyzes websites and incorporates user reviews. Reputation scores are incorporated into Norton web security products and a standalone freeware service. You will need to go to the Site Owners page, register for the site, and follow the instructions to verify your domain.
Scan Your Technical Site Reputation Regularly
There are over 80 sites that can affected your technical reputation to some degree. While there are no inexpensive automated tools, there are several sites that check a number of services simultaneously. By using just two free sites, you can verify your website’s technical reputation on almost all of these.
There are a few key sites that aren’t checked by these two tools. Most of them you can bookmark with your domain name in the URL and perform a quick check:
- Safeweb: https://safeweb.norton.com/report/show?url=example.com
- Site Advisor: https://www.siteadvisor.com/sites/example.com
- Borderware: http://www.borderware.com/domain_lookup.php?ip=example.com
The two final sites you should check regularly require you to complete a form:
Webroot Brightcloud: http://www.brightcloud.com/tools/url-ip-lookup.php - BrightCloud Threat Intelligence Services provides content classification and web reputation services on billions of pages. This tool allows the public to manually check a website or webpage. You can request a review of negative information from the report interface.
Trend Micro: https://global.sitesafety.trendmicro.com/ - Trend Micro maintains a domain-reputation database, and provides this tool to query the safety status and website category. Sites are reported as Safe, Dangerous, Suspicious, or Untested. Checking a URL will submit it for testing if it is untested.
The simplest way to get these checks done quickly and regularly is to simply create a recurring appointment in your web calendar. Do it at the same time you back up your website!
If Your Site Gets Hacked
Most of the services that check your reputation also provide help with clearing your site once you’ve taken care of any of the problems. Here are the best references to go to next:
Google's Help! My site was hacked!
Securi's "How To Clean A Hacked WordPress Site"