Your web designer or marketing consultant has likely advised you to improve your search engine optimization (SEO) for higher website traffic. Their hearts were in the right place, but they’re probably not thinking of how attracting more attention to your website also increases the risk of directing more malicious traffic to your site.
Fortunately many SEO best practices often align with website security best practices. A proactive approach to managing your website allows your organization to multitask for better security and SEO and build a better customer experience for the web.
Start by identifying your website security blind spots. Here are three common ways your website security can break down, and how each one impacts your website success and customer experience:
How it helps your SEO: Forms are essential for any website. Many SEO campaigns are designed to drive traffic to a download page or other form, in the hopes that the customer will enter their information in exchange for exclusive content or a more personalized experience.
How it hurts your security: A February PC Mag report explains the danger of “formjacking”—a nearly undetectable way scammers can skim an ecommerce website for data, especially with payments:
“For those who’ve never heard of it, formjacking has just been highlighted in the newest Symantec Internet Security Threat Report. The report lists this latest cybercrime as one of the most serious and lucrative attacks in the history of cyber-badness. And unlike ransomware, it’s relatively simple to carry out, and it’s nearly impossible for the victims to detect. Symantec says that it’s so successful that about 4,800 websites are infected with formjacking software every month.”
The PC Mag report cautions that common features of a website, such as chats and surveys, are key entry points for formjackers. Your ecommerce website likely has forms and chat features on several different pages. It’s impractical to nuke every potentially bad page and such a drastic change risks damaging your customer experience, anyway. But you need to do something to protect your customers’ financial data and ensure them they’re not walking into a trap by shopping with you.
User generated content
How it helps your SEO: According to Search Engine Land, user generated content can effectively differentiate your product pages from other duplicates on the web. A few good examples are the comments on a blog or a forum section. User generated content is a great way to get your customers talking about your brand.
How it hurts your security: Cybercriminals can find a haven in the unmoderated comments section of a blog, your reviews section or a traffic-heavy forum. It’s the easiest route to place malicious or irrelevant links on your ecommerce website. These links can hit your website hard in two ways: degrading your SEO and possibly flagging your website as malware or spam, which can lock users out. What’s the use in investing time and money in SEO just to have outside chaos wreck it all?
Best practice: Sitelock has a few suggestions to help manage the dangers of user generated content while retaining the benefits, such as utilizing comment system plugins in WordPress, enabling CAPTCHAs wherever possible and allowing only registered users to post comments. Adding an extra step is often enough to deter scammers looking for a quick score.
Your website URL
How it helps your SEO: Your website URL is where it all begins. You need more than just a clever website name and the right domain for your country and industry (think the difference between .com and .org). You also need HTTPS: a secure URL. In addition to keeping all pages secure on your ecommerce website, HTTPS allows you to keep up with current browser and SEO requirements. You’ll also likely see some SEO lift from using the more secure version of your website.
How it hurts your security: Google breaks it down in the simplest terms: HTTPS protects the integrity of your website and safeguards the privacy and security of your users. An unsecured website is an unlocked door welcoming scammers in to steal any data they can get their hands on. It can quickly become a no-go even for browsing. Many current browser updates won’t allow users to view an unsecured website. This one might be the most crucial to your overall customer experience.
Best practice: Upgrade your website to HTTPS as soon as you can. A secure domain is a clear stop sign for scammers. Google has a step-by-step guide in their HTTPS section but you’ll probably need your web development team to take the lead—it gets pretty complex. If you don’t have a web development team or feel brave enough to go it alone, here’s a practical guide from Entrepreneur Magazine.
If you don’t have time or money to invest in the above website projects right now, here are a few quick fixes to help boost your ecommerce website SEO and beef up security at the same time:
- Display trust symbols everywhere on your website—Let scammers know up front that they’re in for a fight on your website. Visible trust symbols also make your website look trustworthy, which will attract repeat traffic and feed your positive SEO scores.
- Utilize simple page indexing and remove duplicate pages—Make tracking your website as easy as possible to catch security breaches before they happen. Simpler page indexing spells better customer experience, with more internal searches on your website and reduced bounce rates.
- Install website updates and keep all versions of your website software current—Older software releases are less secure. Newer software versions will often force you to update your SEO plugins and extensions as well.
SEO, security, and customer experience are intertwined and directly impact the success of your ecommerce website. With this short guide, you no longer have to choose which one will demand your focus. You can make these key components work for you.
Photo by iStock