@pincock: Partially inspired by Ben Cook’s post (@Skitzzo) http://t.co/XSbuKY4r.
Your site has been hacked, what do you do? (basic, I know, but let’s discuss)
@tannerpetroff: First time that happened, I had no idea what to do. Hosting company emailed me about it, told me they couldn’t help. They were able to tell me which files had been hacked, I ended up sifting through them over and over until they were clean. Now that I have a bit more experience, I’m much more religious about backing up my sites.
@bryanphelps: I’m a huge fan of http://Sucuri.net for the less tech-savvy. Biggest problems I’ve had w/ hacked sites is outdated WP themes and WP plugins. Delete or update!
@emcgillivray: Find my back up of the non-hacked version quickly for upload, assess & fix security issue.
@dan_patterson: I’d immediately change all passwords. Good thing is that most enterprise sites should already have a dev/backup system they can revert to. At least I sure hope so..
@pincock: Are you seeing all out hacked or mostly malware? I’ve been seeing a lot more malware.
@ashbuckles: Find the root of the hack and prep action. Usually, its user/pass or exploit based.
@shuey03: a ton of malware
@Jeliadams: What tools do you use to back up your site?
@bryanphelps: I also use BackupBuddy (paid WP plugin) to backup my files and DB offsite daily
@shuey03: Backupbuddy also makes it stupid simple to migrate sites.
@pincock: you can also schedule a backup using a cron job. just depends on your site/server setup as to what’s the easiest method.
@dan_patterson: Automating it is key, otherwise it gets forgotten!
@ty_kilgore: Call the hosting company and have them roll back the site to when the hacked code wasn’t on the site
@thompsonpaul: Solid, current backups are best defense against being hacked – restoring is waaaay faster than trying to repair.
@dan_patterson: so I’m curious, are you guys seeing SEO-related hacks or virus hacks? SEO hacks meaning inserted HTML for links, etc.
@pincock: I used to see more injection hacks for links and spam landing pages, lately just viruses.
What monitoring tools and preventative measures do you use?
@shuey03: Website defender for wordpress is pretty bitchin!
@tannerpetroff: GWMT seems to have done a pretty good job for me so far.
@thompsonpaul: Be certain to have active email address in Webmaster Tools.
@bryanphelps: I’m preaching http://sucuri.net all day but they also have a monitoring plugin for WP. You can check any site on their website.
@pincock: Yes, i’ve used sucuri scans and have had mixed results, but overall positive.
@pincock: I deal with a lot of WP sites, so regular updates to WP, plugins, themes goes a long way to prevent hacks.
@ashbuckles: Pingdom can be good for uptime monitoring. Last week I found a massive link injection (from a plug-in) that’s driving top rankings for the site.
@dan_patterson: Oh, another great way to check for HTML insertion hacks: Screaming Frog. Check the external links report.
@dan_patterson: here’s a question: how many of you have had your IT teams notify you of a hack? I mean, HTML injections are one thing, but actual HACKs are another that I’d think IT would handle over anyone like us.
What are best practices for migrating a site?
@dan_patterson: BACK YOUR SITE UP FIRST!!!!!
@pincock: Set clear objectives and have a thorough migration plan, then backup before anything else! Make sure IT and Marketing are communicating. Export a list of pages with inbound links to ensure you don’t miss anything in the transition.
@Ravenjeremy: You really need to plan out what resources you need to migrate. Sometimes it’d be better to launch a new version.
@jennita: Always have a backup plan. I’ve seen migrations go wrong and they couldn’t go forward or backward because they had no plan.
@dan_patterson: What have been your main reasons for migrating?
@shuey03: Moving to a more brandable domain… getting away from an EMD.
@dan_patterson: I’ve migrated my own sites, mainly because the original host sucked *cough* GoDaddy *cough*. But what are other reasons to do it?
@tannerpetroff: Consolidating hosting accounts & moving from EMD to branded domain.
@Ravenjeremy: Usually migrating comes from a platform limitation, or goal you can’t achieve on the current site. There’s plenty more tho.
@thompsonpaul: Get a full content inventory and start planning your 301 redirects!
@Ravenjeremy: Decide on your new site architecture. It may be limited by the platform you choose and 301s WILL be needed. PLAN FOR IT. There’s some great redirect plugins for WordPress, but even non-wp migrations should plan for 301s.
@ashbuckles: Being a developer, I prefer to do it manually so I can ensure it’s done properly. It also allows me to do cleanup, upgrades, and maintenance at the same time.
@davidmalmborg: The toughest part is when management can’t wait for everything to be complete before going live with the new site.
@thompsonpaul: Make CERTAIN you new location can’t be indexed while testing.
@iamriplash: Complete crawl of old site before migration, allows you to quickly find 404′s once migrated and crawled again.
@shuey03: just watch your WMT to see if 404s increase
@dan_patterson: I guess there are two kinds of migration: host to host, and CMS to CMS. IMO CMS to CMS is a bigger problem. Thoughts?
@Ravenjeremy: Yes, because each CMS platform with have it’s own quirks, and limits. Way easier to miss something with a new system. With the new http://raventools.com site, it was key to have a staging server and that was just a relaunch w/o migration.
@pincock: A dev environment for testing a new platform is ideal prior to migration. Got called in to help a site that moved from home-grown to magento and lost 20% of their traffic overnight. #1 infraction was not handling 301′s correctly.
@emcgillivray: Don’t forget to change all internal links. I once moved WP & forgot about image links.
@shuey03: This should easily help with changing your internal links http://bit.ly/5I9Us
What tools do you use for migration? Crawl tools, diagnostic tools?
@shuey03: Backupbuddy when going from wordpress to wordpress. Love me some screaming frog for crawling. We also have a pretty robust crawler (private, internal tool) that we use as well.
@dan_patterson: I’d crawl the site beforehand to make sure you have every URL. Then crawl again to make sure you got everything and can identify 404s that pop up. Xenu for free, but ScreamingFrog is better. I think it’s a great idea before any migration to map out a checklist of everything and then go through it step by step. Decreases the chance you’ll overlook anything. Have a few people review it with you.
@Ravenjeremy: When you’re adding 301 redirects, don’t forget to remove the page (Especially WordPress) Sitemap will still show it!
@dan_patterson: But that’s another great thing to make sure you add to the checklist, double check the sitemap (XML and HTML)
@pincock: Post migration i’m watching analytics and webmaster tools to ensure no glitches!
@Ravenjeremy: If you’re not in your Google Webmaster tools, checking errors, re-submitting sitemap and re-index then you’re #fail.
@bloomreachinc: For our customer sites, we continually monitor using our dashboard and their GA or Omniture.
@ashbuckles: Identify your goals and make sure analytics are telling you what you want to hear. If not, be ready to adjust rapidly.
Dedicated vs. shared hosting – what is the SEO impact?
@dan_patterson: DON’T HOST WITH GODADDY #SomeoneHadToSayIt
@pincock: Seems like most sites on the web are via shared hosts, but leading sites are on dedicated. cost/benefit factors in. Seems like resource requirements and budget are the main drivers in host selection.
@pincock: Are there some shared hosts that you’ve had good luck with?
@dan_patterson: I use HostMonster for most of my personal sites. Haven’t had any problems. I think most “businesses” should have dedicated hosting. Blogs, personal sites, etc. stay on shared until the revenue from the site justifies dedicated hosting.
@shuey03: hostmonster… on a dedicated IP nonetheless
@DustinNay: I like cloud servers. My sites are all hosted with @stackable … impeccable tech support from real, English-speaking engineers.
@ashbuckles: My site didn’t get indexed in Bing for three years because of a shared IP address. I didn’t care but it was interesting to watch 36 months go by and nothing change in the algorithm. I’m certain it was IP. As soon as I changed it to a dedicated IP, it was all indexed in 3-4 days.
@tannerpetroff: I’ve had pretty good luck shared hosting w @DreamHost. They don’t have customer support by phone, but do a good job.
@emcgillivray: Hrm… I had the opposite experience with @DreamHost. Actually, ended up moving to @TigerTech because of downtime.
@thompsonpaul: Oh man… same issue with Dreamhost with a client. They were HORRIFIC & even their own home page was down constantly.
@iGoByDoc: Rackspace Cloud was decent… just freaking spendy in comparison.
@thompsonpaul: Site5 has done a REALLy good job lately – can even geolocate on shared. If you’re depending on the income from a site, it should be on VPS/Dedicated server. End of story in my opinion.
@pincock: Have any sites you work with been impacted by “bad neighbors” on shared servers?
@shuey03: yes, but unfortunately, we can’t name drop. As soon as we switched from godaddy and to a dedicated IP their rankings popped.
@dan_patterson: I’ve always “heard” about this, but never actually experienced it. Makes sense though. But my follow up to that would be, if you are with “bad neighbors” can you ask the host for a change, or do you just have to change hosts completely?
@pincock: I would be frustrated enough to move hosts entirely, if not make the jump to dedicated (if possible)
@tannerpetroff: I could see it happening, but haven’t had any experiences like that. Don’t have too many sites on shared hosting, though.
@thompsonpaul: Given earlier questions: WPEngine terrific for WP sites. Guaranteed not to get hacked, free/easy dev site, instant backups/restores.
@dan_patterson: Ignorant question: how much is dedicated these days?
@thompsonpaul: Request an SSL certificate – then you have to be put on a separate IP address anyway.
@pincock: Dedicated hosting is all over the board — any suggestions from the group on cheapest reliable dedicated? I’ve got a site on @mediatemple dedicated virtual for $50 and it works great. Dedicated server pricing is all about the resources/specs you want out of the machine. $50-200/month.
@dan_patterson: $50 is all? Wow, really that’s not bad. In that case, all small businesses making a profit should be on dedicated IMO.
@thompsonpaul: I’ve got a fully managed VPS w/ Site5 in a “local” datacentre – $60/month including daily backup service.
@pincock: Sounds like dedicated IP’s are making a big impact for your sites. something to consider if you’re not getting results on shared.
How can you decrease server taxation?
@pincock: follow on: with load time being a factor in SEO, what can you do to speed up your site and put less burden on that server?
@shuey03: implement cloudflare… RIGHT NOW!!! You can also tap into a CDN like MaxCDN.
@pincock: i’ve heard good things about cloudflare as well. need to finally check them out.
@shuey03: Seriously took 5 seconds off one of my websites load time… it’s magical.
@dan_patterson: Run WhySlow or another speed tool and see what your biggest issues are. Then tackle them one by one.
@dan_patterson: I’ve seen sites with image files that were MASSIVE. Shrink those suckers down!
@pincock: What are your favorite WP caching plugins?
@tannerpetroff: WP Super Cache works alright.
@MDez13: cloudflare cdn vs akamai cdn. which would you choose?
@thompsonpaul: Implement a CDN!! Even Cloudfront will reduce server taxation.
@hartleybrody: Check out an article i did on cloudflare + other tools i always use: http://t.co/tRFTm1dV
@dan_patterson: If you have photoshop, save all of your images for web. Keeps the quality, reduces the file size. Also, if you’re a blog, you don’t need 50 ad spaces.
You Might Also Like: